www.tiktokstalk.com Open in urlscan Pro
2606:4700:3037::ac43:ad9a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tiktokstalk.com/
Submission: On October 28 via api (October 28th 2023, 5:50:30 pm UTC) from US — Scanned from DE

Summary HTTP 200 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 47 IPs in 11 countries across 48 domains to perform 200 HTTP transactions. The main IP is 2606:4700:3037::ac43:ad9a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tiktokstalk.com.
TLS certificate: Issued by GTS CA 1P5 on September 27th 2023. Valid for: 3 months.

This is the only time www.tiktokstalk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700:303... 2606:4700:3037::ac43:ad9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
24	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:8c00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:225... 2600:9000:2250:ce00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	54.75.204.82 54.75.204.82	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 8	2a02:26f0:f70... 2a02:26f0:f700:9::58dd:5c12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 25	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	3.121.157.25 3.121.157.25	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
4 4	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	172.104.121.22 172.104.121.22	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2 2	54.165.78.186 54.165.78.186	14618 (AMAZON-AES) (AMAZON-AES)
1	63.32.198.140 63.32.198.140	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	2600:9000:211... 2600:9000:211e:5c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.210.56.15 3.210.56.15	14618 (AMAZON-AES) (AMAZON-AES)
1 1	211.120.53.203 211.120.53.203	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
200	47

21 2606:4700:3037::ac43:ad9a (United States)

ASN13335 (CLOUDFLARENET, US)

www.tiktokstalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:8c00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:ce00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.204.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-204-82.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:f700:9::58dd:5c12 (Vienna, Austria) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.157.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-157-25.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.31 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Ulyanovsk, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.121.22 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1731-22.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.78.186 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-78-186.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.198.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-198-140.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.56.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-15.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.203 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	324 KB
33	googlesyndication.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	145 KB
24	demand.supply live.demand.supply — Cisco Umbrella Rank: 53681	42 KB
21	tiktokstalk.com www.tiktokstalk.com	371 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	121 KB
9	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1682 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	59 KB
8	bing.com 3 redirects www.bing.com — Cisco Umbrella Rank: 66	34 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 ads.eu.criteo.com — Cisco Umbrella Rank: 10450 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 dis.criteo.com — Cisco Umbrella Rank: 597	59 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	64 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212 Failed	236 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	10 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5085	955 B
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665	680 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	954 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 823	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	910 B
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4948	72 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	9 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 13026	233 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1208	1021 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4670	614 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377	775 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2969	1 KB
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	236 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 6641	233 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	584 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	611 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	199 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 15453	597 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242	550 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	574 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	149 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	257 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	87 KB
200	48

	Domain	Requested by
25	cm.g.doubleclick.net	1 redirects ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
24	live.demand.supply	www.tiktokstalk.com live.demand.supply client
21	www.tiktokstalk.com	www.tiktokstalk.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com www.tiktokstalk.com
14	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net www.tiktokstalk.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com www.tiktokstalk.com www.googletagservices.com
8	www.bing.com	3 redirects ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
8	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com
7	ams3-ib.adnxs.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com cdn.adnxs.com
5	imageproxy.eu.criteo.net	ads.eu.criteo.com
5	www.google.com	tpc.googlesyndication.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com www.tiktokstalk.com
5	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	b1sync.zemanta.com	4 redirects
4	www.googletagservices.com	securepubads.g.doubleclick.net ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com www.tiktokstalk.com
3	www.gstatic.com	www.tiktokstalk.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
3	an.yandex.ru	2 redirects ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	ajax.googleapis.com ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com www.tiktokstalk.com
2	eb2.3lift.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	c1.adform.net	2 redirects
2	csm.eu.criteo.net	ads.eu.criteo.com
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	cdn.adnxs.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
2	adsdk.microsoft.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
1	rtb2-useast.e-volution.ai	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	fksnk.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	a.rfihub.com	1 redirects
1	s.ad.smaato.net	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	dsp.adkernel.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	dis.criteo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	match.360yield.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	a.c.appier.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	x.bidswitch.net	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	match.adsrvr.org	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	ads.eu.criteo.com	ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	www.tiktokstalk.com
1	www.googletagmanager.com	www.tiktokstalk.com
200	66

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
tiktokstalk.com GTS CA 1P5	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.tiktokstalk.com/
Frame ID: 847DB6D148F515914AD60EC925FDB234
Requests: 81 HTTP requests in this frame

Frame: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B3C479C58B8BFA5BB3E6B18374D9E174
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.tiktokstalk.com
Frame ID: FC463B9091524E4088002A3C1ED0CDF7
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: FFEAF6213211B355856D9CD227E49748
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO5-eKVlexl1gKy81z5cmMUVtwDe6ejEuqGiWfZWH5bGcxT5LFH2OumkPtVZIKs5nRCbSA2T8EoUeYcjyQna1dg-VZfN0whWYkdQ-c3fGpx0YsBJT7qeKO-PPxxpDtoZKZxrh-bojGpslKAVue_Q3bDKuRMym8Y2BiTNVmafkHe2XTohiWzsSMnM4Sk5PEpfm3iyV4nZjhIKlQkdHI3QwsQ9AVPhjSI562t00SSZoZTqjjByN3UgepJRt85aV4Dy_fyNfNOP9P-92ogl48eMceDVhPbS5X63eLUI-1Ic36GAvho7nuLA1M3hwoJZyVmcpd-ZX5TU4CqX_58CR2slxX4RSKD3VIoZyl3Uwri6_JLoevxC6oYSKwUdr9h8LjVmH_RqWxLyd6U0686n8LUwaKPS_AguqQEXzBL3zqa8F8zamQVzYaCg&sai=AMfl-YSKK-1-YQ2i21CrD8fZ2KDF9N1mCO7vRaaq91vdlFiKOqRwIyb98UfVdX7RtNKv8kxsvxxfbkmdv1HoVTfMqg6wF9Yjtsa3Hr_7iA2Ii6iwRA6__4zJFfxsmmgSPoDinGT2q3jBknD8f8RTgPEB&sig=Cg0ArKJSzAdgt2NgAa8NEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 933539B7CC64BD3C185DE2A1A769C73D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwoHp1YxEfkytv5qlUAz1sshhqC4V0Vpc3TJ5kTik_lEy8H0baTRz8n91FOO-34TEnBzknIRKO2YfvcwH8TbRqbdIWEgLgbn_XOrJ030VVxCBblQ5go0CHNlZlyIWck__O4rPnrVguTHSx-ClZWf-dSSZ-ZyxTQHQrl7QYgCHr9U7MEpxDCqZt7uoBSgOtwJdowk8aL9HQpsl12Ej5tgsUZIuX3MepOUWcj_vuXu46p3F788j009Zog9ItcJsr--q-sWgrVM6raWwqqkfNu8yxVbQcMC92FrkteLWcmHik_KjNUv2R_Ub-vaHiTjCdLpIDe5TmWE3Mc5R4JFygcDqWfrLNjwrxSCHvDMDh2c4HJEkHUKZgawmo4l-sdtg3-uE4wvtKVjCYq6g6z7T3-BL7eqYzT-sX2ZZS_J2tOnnOTAGkOMJPoQ&sai=AMfl-YQ_IbN9d7xVvN6cvMO0-80_nxx5EyJPa0Ru3cGaAimIfSp0ii0uPKv9g4J1cbQQ6Na47eu56iTpft7_DHKY24efZcaDl6uk1OHORwIPGMbZsWIAVNOuylks4wO2mxcj3SowJt1wPC2XUIhkuR4&sig=Cg0ArKJSzD5Lk-LZCJxdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9C68F4DA269B0CF964F0DF450E3518BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6651D7DD7C0CB68FAE428189E78ED73
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D335DE5DBDF9D051F2005E3FAD0F2F47
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJkxAgpj9HaTWze_OezqKc_ttNoqIjI65DmuZFZ-JHw4BeUvTILJG3FeNC33QrmhKvI4polzppbf0qyIKO8eGjMj3W-EiceE4LHrLt6p171aENdxx1ZZD1MVlkzw0ZEsfgc-hiG8WwjJPlWOZInmnTZaCt-VoV91BItmvdzLU2xoxjObts-XmT400NltZlfFfOb9gNY7wN5acjLVWqrW40KexBg4jnaEgI8N7We1m7I2BjroEMdm1OcBdREPyW_c_MpLmgf_1GY6L8leRcAQmc06-hwSa7108M3QQ5oF2jmudeQDdp17wAI4y492bjVE8UzYuHImKBKfd8NRmhBiDUYfSP2QWW4scYbruonzdB53VMgmMoWBrXow6jxJs6v4WqN978kUXPzvGfKZikkC5W8l6Q230CrGDh6cs9CfEUDHzmGEsq-g&sai=AMfl-YSIJq9HpgUo6iQCJfvSaeljKJLZbu8bd0ZWFqDtX3yGTiIRRuqPLYpzoS9PWUeGxaRn15pvaN8ZXitj74_QwVzmm1mUYz09TtrChcNgKGTHAFGZxQTmAARB80oPz-IYO49iiqUyomF-AsrPnJDU&sig=Cg0ArKJSzHUK6CyZpopQEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 04C4C94B4D2D3CA89AD7D5D81BA32BAC
Requests: 2 HTTP requests in this frame

Frame: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 73622FE1A39A0D1ED40185A509596FB2
Requests: 10 HTTP requests in this frame

Frame: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63417F891D3F840FE5F4B00727F29F77
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT1J4QABwxUH_Z7bAARL4AQct3swc6AL9-Ae1Q&u=%7CO%2Bwi9sHu4NE8uN6tZqawNCWCzsNGHdpGCzMg7hkGzNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC864lKxkyLNlbsWtiuWr-uU5j42gUDSK87A0Bwn2mnO_P8yH6r6wO12JO5ESl4VYAiRPDRTAr45euNqbRnJEtJXEJH7TZ6NM1y2F5weDf5mGO3-UwsHBDgPjmM3BAYJoMRLXSCOqRnhOP19OEaaSzajrQ08Vkbgi02WGnL2t4KlygknOFQ8UY427zdaD4M3UB-nVbSHg9UDlzKcyk793DfFJ77P81evjC_AWUe-CqQ-mcQREUTCPYM6qt3ewBCUwZnSkt-wmcFYm1k_P53JLLxRfBQ_2sVLNOP8pqNBMu3oiF1uPkBVx_EX_irYYLY3VqMXi1Eq0OVPInqREAljoICmQ3u0W42jQ8HCfOkMQYVGkGt2XLwRXk7jswKO9Hl95oHjKqC_7hiFZWW2tjTu-YOD-E1lfQmvaubuBeUL9oFxna3K0KyzSbg-YH-DS55smi0hFZU6R07co6YGz0Nx-rZ7w81P4c6IBOO-IM9As1MrJvf3JQAq5Vy5cuiIKPRu_jb3WdQAKF21Foh3FLCGgkzLIAkwNBOZUFIFULt5dD1opR58qOxqDjJzk8uAYsPiqOTNQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoPm4Uk9ZZWGB9u99u8P4JeRgAfJntKxXKX8k_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpArTQghl_ubE-4AIAqAMByAMCqgSoAk_QR7er9WLu24gca5KwbRkA4zUvyzRC3x3ZYpTF24efjbhFy2GBhi5bkql8YP9MJc7PGwip6LBOLTu_cWXUJMM1eFnMgkO_gS6DdZfJWyGoB4E15ZL8e9qMxB_jP9ZXoXKU8C9fcNmyIi8EJjbPbO1X2dlTL-rcBXIvsInhTQ2kn08TPe_T3EM-mnTk3dcPpFZ29BScLa093Y0KYkPb0mhFX0C_VWfJiGLKKRlHwTXT-h_0y3tGFuuiQ7hJ6p2oZb2mpnwAr-Hy6BNP3MtYnX0AEl5CJ6VuWvMrmjvSgOKcNwsT7gQMEvrx2BQ3ZMNcnXoVJJP5md7SOjzIRZDWGoHo6yz_Rg26eaC60xti5K5bzdW6_Y-eD58gg0bIYBBCuNwPHdq-qPSO4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Dg2NjCEb8U35AaaGumsdXfGmG_g%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: D1927C4BD747F2634BAA8BB12B97D40F
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C2DCB8FD1CE6B38EEB680B64A46F7E1
Requests: 9 HTTP requests in this frame

Frame: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 201B6AE88C521A42EF4E720AC9F78F9A
Requests: 15 HTTP requests in this frame

Frame: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 479095A5029EB32D5392066359EDD55C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 4D2D2D7C7D2B940ADB35E537F8CFFD96
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EDA1B2EE9B5DFF86B05B2D7558B9311E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9C5C18EF3ED96CCF2E23A19AF29BC401
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1ADB7D63B34954B0B7EFA76DED84CD5B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FZ9XXdmvjlIvw6QJ2t2pvLscGtIfNwGGEz70b-Okwhc.js
Frame ID: 6F64214C4CC4A9C2EE58FB2982FCB634
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tiktok Online Viewer | Tiktok Video and Tiktok Web Viewer

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

200
Requests

84 %
HTTPS

48 %
IPv6

48
Domains

66
Subdomains

47
IPs

11
Countries

1694 kB
Transfer

4333 kB
Size

49
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://www.tiktokstalk.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tiktokstalk.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tiktokstalk.com%2F&rid=esp&cc=1

Request Chain 50

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tiktokstalk.com&sn=ChromeSyncframe&so=0&topUrl=www.tiktokstalk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=InAjBXwzQW0wYWtMeG51SU9yVS9tSkhzRkR0bzZOaXNSb0tQeGFtOUFhcXhXdW1jbU9iMHh2SzlkM2F2RGhUQWZld05mN0xWNXlYZm5MSXo5Y2p5VEtMbkk4TjRvUGY0TG9YVHpiOWpvWmJ1LzNTYTlETEVZOFdNQmlnTzZmQkxya0JUcGJsZGtmaW54cy92SzFUdTRTNjRhVGR5QlFyNnhGTGZBQkNRemFBWk55UVJra3JBays0RWllc3FYU1lLanBldGgvUWNVVjc5eDA3WWZnOFV0eHFxM3FTdXVWenZTKzZzcmJjc2lQRHFtUFRubXpOVzNaMjR3dE13SFhROHpvVXFBcXBqNGd4ZjhKQWZSVlNKZGtCKzcwc1MyM05nNXdFd2RERnlHVXdqK09kWT18&cppv=2

Request Chain 104

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ddacb16a-a796-4436-937f-be224d0aa718&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=6100299b-53d5-4ce3-b31c-efab4a740da4&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D4ef70c0529784b7081257d5b1b0de2c4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2493420411275852102 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=4ef70c0529784b7081257d5b1b0de2c4&SNR=1&GV=2&med=10

Request Chain 113

https://ads.travelaudience.com/google_pixel?google_gid=CAESECLj0jjWONpX4DsrrLyUoZA&google_cver=1&google_push=AXcoOmSDtisaMEd8Hl7ZdffB4NGt-9N9t317ZUU6R6_Zfm2QSx7hi1vnIV5nA-Ko2CdPXUjWJ1OJH9WPmZH_hBsarrRAZdMz00WLqQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmSDtisaMEd8Hl7ZdffB4NGt-9N9t317ZUU6R6_Zfm2QSx7hi1vnIV5nA-Ko2CdPXUjWJ1OJH9WPmZH_hBsarrRAZdMz00WLqQ

Request Chain 115

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELY8FrhpcK0wusMOeUowqVk&google_cver=1&google_push=AXcoOmSU314ypDDSGun-ZFA1Zy5A_7jKWF8g6FzvI6LzHVOby-GSt2q7x5fJ90hzH8tk3AteMOyncQLcySrJf8WYkLUE29oj2GJXZw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELY8FrhpcK0wusMOeUowqVk&google_cver=1&google_push=AXcoOmSU314ypDDSGun-ZFA1Zy5A_7jKWF8g6FzvI6LzHVOby-GSt2q7x5fJ90hzH8tk3AteMOyncQLcySrJf8WYkLUE29oj2GJXZw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UQ28rW-ITP2sDDhoYyH5Cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSU314ypDDSGun-ZFA1Zy5A_7jKWF8g6FzvI6LzHVOby-GSt2q7x5fJ90hzH8tk3AteMOyncQLcySrJf8WYkLUE29oj2GJXZw

Request Chain 116

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFroq1ydP6jxL8I1Fu45cXw&google_cver=1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698515425694 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-51bc9074-a33d-4df3-9dd8-4a40af01abec-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0%26google_hm%3DA1G8kHSjPU3zndhKQK8Bq-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0&google_hm=A1G8kHSjPU3zndhKQK8Bq-w

Request Chain 117

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESED9fWDbc-1AoAo04IcSvbYA&google_cver=1&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQuBfqSDCPNn7xgAP9oi-vzsuU1U0 HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESED9fWDbc-1AoAo04IcSvbYA&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQuBfqSDCPNn7xgAP9oi-vzsuU1U0&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQuBfqSDCPNn7xgAP9oi-vzsuU1U0&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=

Request Chain 118

https://an.yandex.ru/mapuid/google/CAESEF-LfcbBoho8WnxoWq5UeK8?ext-param=AXcoOmTgjnHxCQW9MCzv7-Mh8tlzlN9viwMn-__ooOLZ3t-9RcjglNpY8lrbqzbnLRynu_5Y9gch8khqZrivECGSy1pPzkwiuBvCq9Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEF-LfcbBoho8WnxoWq5UeK8?redir-setuniq=1&ext-param=AXcoOmTgjnHxCQW9MCzv7-Mh8tlzlN9viwMn-__ooOLZ3t-9RcjglNpY8lrbqzbnLRynu_5Y9gch8khqZrivECGSy1pPzkwiuBvCq9Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEF-LfcbBoho8WnxoWq5UeK8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 121

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c553cb78-abc2-4826-81bb-7a9f43d83390&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=9be71d64-741b-4167-a18f-ce4862a892d6&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3De1d799ea9e3a458db6efcc9cff16e7fb%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=2603266056535925180 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e1d799ea9e3a458db6efcc9cff16e7fb&SNR=1&GV=2&med=10

Request Chain 174

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFQqfZuyPOc-LT7Pb_q3s6w&google_cver=1&google_push=AXcoOmTWhZKgs43KPhatzlz-unhILYgU92XcmJxT75BkmWPBH_kLnP4IXv-MwnehBIinmAoQREYy7rZ1Mnq4R2EU6lvr6CkEm00w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTWhZKgs43KPhatzlz-unhILYgU92XcmJxT75BkmWPBH_kLnP4IXv-MwnehBIinmAoQREYy7rZ1Mnq4R2EU6lvr6CkEm00w

Request Chain 175

https://a.c.appier.net/gcm?google_gid=CAESENNPVt8Jp-Y0JIe0UuRc1GI&google_cver=1&google_push=AXcoOmT3V6Rjeyr9gqVkXFTg7MN6fRCngUK9F_x3aDbB_lTyFM0pwqv3C7-LPLW4qVftXauBKi-p75JjCLOq71k_aGtc1y4jde3_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Tms5cHFRWHZDRGkxVFY5czQwazlaUQ%3D%3D&google_push=AXcoOmT3V6Rjeyr9gqVkXFTg7MN6fRCngUK9F_x3aDbB_lTyFM0pwqv3C7-LPLW4qVftXauBKi-p75JjCLOq71k_aGtc1y4jde3_

Request Chain 176

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELBHAy5oUxtAHbn0nAt0Xw0&google_cver=1&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7WFLemM7KwL4ChdgTnoJrZ0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELBHAy5oUxtAHbn0nAt0Xw0&google_cver=1&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7WFLemM7KwL4ChdgTnoJrZ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM2Nzc4MjUyOTU3NDQ4NzY0Ng&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7WFLemM7KwL4ChdgTnoJrZ0

Request Chain 177

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEK4WOUt89xq9oeBPIiPEstM&google_cver=1&google_push=AXcoOmTLKgpZLHTtaSo3g6Rg3J_7aANAnL30vcLM0JxD1EwwOA3Nw31zGGTWZex_2VDE-ldLVLxx3Ws1V2X-fG2xtp5zhxKlvcQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTLKgpZLHTtaSo3g6Rg3J_7aANAnL30vcLM0JxD1EwwOA3Nw31zGGTWZex_2VDE-ldLVLxx3Ws1V2X-fG2xtp5zhxKlvcQ

Request Chain 179

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKV71fjCQCLSlo_FnS8DGJw&google_cver=1&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoqV HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoqV&google_gid=CAESEKV71fjCQCLSlo_FnS8DGJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ0NzcwMzk4ODk5MzA4NDgxNzMzMQ%3D%3D&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoqV

Request Chain 180

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESELi8aJZjn7jsnXDe8uf49cE&google_cver=1&google_push=AXcoOmSDzRZ2DlJ3GvItO4MHD2_4fZukQZyLqiJ0BZmpgE7PzvyYT0DJCVx-g9RrMt-0sF0WfDPVW6TDUkh2Hq-mcZ7SKjM2BoMe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSDzRZ2DlJ3GvItO4MHD2_4fZukQZyLqiJ0BZmpgE7PzvyYT0DJCVx-g9RrMt-0sF0WfDPVW6TDUkh2Hq-mcZ7SKjM2BoMe&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=

Request Chain 182

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECfgu0hRguKsvq8VyVZ4gLs&google_cver=1&google_push=AXcoOmQyVrtjkG60pyHYzmGMyDk1ZqBJ2VMbGgYexeLRGuX7ZQKB4eO8wjfqcHqLqKUa67BHKoDqVkCafOR9ELxamZHzCBgtFkzS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQyVrtjkG60pyHYzmGMyDk1ZqBJ2VMbGgYexeLRGuX7ZQKB4eO8wjfqcHqLqKUa67BHKoDqVkCafOR9ELxamZHzCBgtFkzS&google_hm=IZ2J9wrHS7WhxIh0XRGN1ho

Request Chain 183

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBi2q2gsQBVy-6Nz_qICGEA&google_cver=1&google_push=AXcoOmSrZgKkqOrg0dPoj8Q5A0zfaO1Q7CrZp71AfPxeBdrSjg3xNRuI6SM1PCQ2SJUQhjXyyGlM85zH7La3EzugGTgR6zBzcrpz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTA2ODIwNjQyOTEwODM3MA%3D%3D&google_push=AXcoOmSrZgKkqOrg0dPoj8Q5A0zfaO1Q7CrZp71AfPxeBdrSjg3xNRuI6SM1PCQ2SJUQhjXyyGlM85zH7La3EzugGTgR6zBzcrpz

Request Chain 184

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRMkFzlLSaeAIZbLfSqsvpuG5WLWVqemfQJJRjr7ndQ2VOKUv-nkeSjn3LKhIVHjogibdOQJOC29gh0VAGFDc4ou5x1wsTU&google_gid=CAESEMB979w2MuiNRFuDH8cq-9U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cUhuom1NfpGk2jLFENA_fqDuKtW5FffrNv9Y8g&google_push=AXcoOmRMkFzlLSaeAIZbLfSqsvpuG5WLWVqemfQJJRjr7ndQ2VOKUv-nkeSjn3LKhIVHjogibdOQJOC29gh0VAGFDc4ou5x1wsTU

Request Chain 185

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELA5s6llDU_RJkxb1dDibrs&google_cver=1&google_push=AXcoOmTnsuuj1AbxmOyTjZs_TIt-QUzTdn3NDYCsOzsbWKq8wHkO3iYNoKDX4W1cRZzEbct_3RDh_0XERCLQDk6mrd2RZmxXqtU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTnsuuj1AbxmOyTjZs_TIt-QUzTdn3NDYCsOzsbWKq8wHkO3iYNoKDX4W1cRZzEbct_3RDh_0XERCLQDk6mrd2RZmxXqtU

Request Chain 188

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJhsf7VNVcgzOzvZuLf1FHI&google_cver=1&google_push=AXcoOmRJXyKMzwYhBOr94uLgtX7-3enr7PK6WIgT1rNtB0PGRixIc9OZRf4TvNMjonzeKLPMRDUzzZ9lQv6ZqfwMp_fNXy0cnB-lRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRJXyKMzwYhBOr94uLgtX7-3enr7PK6WIgT1rNtB0PGRixIc9OZRf4TvNMjonzeKLPMRDUzzZ9lQv6ZqfwMp_fNXy0cnB-lRA&google_hm=NjE3OTk3MDMwODM1NjgyMTYx

Request Chain 190

https://a.tribalfusion.com/i.match?p=b6&u=CAESELmOEfwaRGK5lkS_Jej2yQk&google_cver=1&google_push=AXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELmOEfwaRGK5lkS_Jej2yQk&google_cver=1&google_push=AXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 191

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESED2O_s5wxenLaa7PWjAQ4QQ&google_cver=1&google_push=AXcoOmQ9vxyttmmQJGZ79znofpupgzqUzucwZ6Og4SmT5B7sk3mc8VVyMwf-I4tRhvPbVdh-ulFzcSLSc3fjeHCsy52piXoZcx-q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9vxyttmmQJGZ79znofpupgzqUzucwZ6Og4SmT5B7sk3mc8VVyMwf-I4tRhvPbVdh-ulFzcSLSc3fjeHCsy52piXoZcx-q

Request Chain 192

https://fksnk.com/cs/google?google_gid=CAESENzMlHr_OtKdB21hP0P_Bq0&google_cver=1&google_push=AXcoOmS9IywusX9ldVkArx1GZMiEMftncPYDtBq4h2NYBDyN1PpXs15K5xXjywAf3_i_8lnuFl4jj41cZsKlgK5_fDGchtpbBQk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDhEMEExMTY0NkNDMTdFNQ==

Request Chain 193

https://ads.travelaudience.com/google_pixel?google_gid=CAESENCLiwH6gyE42kwORhG37QY&google_cver=1&google_push=AXcoOmQidT_JhzPU78v7UBClMyZ1nabaMd09k8HMjGGggk1BKpwvcxTj_zN0BYngfLuDZN3-Ovmh_hqhkHLHp27MrT7jekk09YL2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmQidT_JhzPU78v7UBClMyZ1nabaMd09k8HMjGGggk1BKpwvcxTj_zN0BYngfLuDZN3-Ovmh_hqhkHLHp27MrT7jekk09YL2

Request Chain 194

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHlAeyVfAnFPWhB8O-mXPu0&google_cver=1&google_push=AXcoOmR5ZTb6-WheYAOPEEjeODCTO0BoYNPg2HNetHjW3QFeC3nGWBT9PYe0e-P2p59x3-BBwsfJCCOmiKww-uAy50hEX3qOyCNa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5ZTb6-WheYAOPEEjeODCTO0BoYNPg2HNetHjW3QFeC3nGWBT9PYe0e-P2p59x3-BBwsfJCCOmiKww-uAy50hEX3qOyCNa&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=

Request Chain 195

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENyUBKTgU5Q_jdYzmf4Pss0&google_cver=1&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda980KIMsDjrK0gJrP-91wv8sf_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda980KIMsDjrK0gJrP-91wv8sf_&google_hm=WlQxSjQ4Q281czhBQUREZm5ib0FBQUFB

Request Chain 200

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ddacb16a-a796-4436-937f-be224d0aa718&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=6100299b-53d5-4ce3-b31c-efab4a740da4&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D4ef70c0529784b7081257d5b1b0de2c4%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=6932594&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2493420411275852102 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4ef70c0529784b7081257d5b1b0de2c4&tids=1&med=10

200 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tiktokstalk.com/ 12 KB
4 KB 420ms
350ms Document
text/html 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 829c9a9ce0063073939fee8d32e7524cd99fc92272fc932129e3541f152323de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d505530af6915f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 28 Oct 2023 17:50:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrudziTf%2FrNI2nlfl%2FHKjLwRt76WE5gIM2iTz%2FUiG2nlcnvQS6ROzRbI9ElvnRdtfQC8e5qoU6bALPhyW4F5XtxKcBrtJyqTYIw7jiWvNNwev422kZEx1QdXcInYC%2FGms0qJ4WqyFgjqLd%2BosY4JvR7e"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 bundle.js Show response
www.tiktokstalk.com/public/build/js/ 383 KB
121 KB 786ms
781ms Script
application/javascript 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktokstalk.com/public/build/js/bundle.js?v=0.2
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 007e8b6b42bef63c417a0d4825e6a70a5d5a2e47966fafb2783995c81f42f79a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"5fbfc-184e38efd59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YS%2B1YXBJ5xkpsAfbX8QT8o7x4HYW1dxMhG5T2MK5avz8F1KbraID9H1c6pfYcRBwX84hFmur6ml%2BTfCKeUuFHrqbblPcivbeHyEoBADN5EQkTckVDuK73eA4NKVXdDZhLB%2B4T5oFnD9ipA4XTK3cb9Rt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 81d505554e8b915f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
www.tiktokstalk.com/public/build/css/ 246 KB
37 KB 505ms
501ms Stylesheet
text/css 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktokstalk.com/public/build/css/main.css?v=0.2
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9fed20c2d3bdb68a022d606f9d2a75ab380c5ee1ffca22a23075a791885833a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 17 Dec 2022 21:40:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d860-18522085e0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOM62ZwNjEKjYKCDr8uk1bdyzasnJkxt7CKgPQ6cYDC%2Fb4zUDixfOyepevSemHPKo77dQe0ZzRd7XEcTN8Xz5xEQHMYBRosIQY9eTsAvrgJN%2BaE4%2B3wZHJa0QVauO6bHm2lL9MdJtWnyctkoDCPEIkIQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 81d505555e8d915f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 98ms
45ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-138DD411QN

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e7595acf05a5077389017b0bc43ab2ac934f6df1ba35bd530aaf07aec86872b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 28 Oct 2023 17:50:24 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 277ms
211ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17b08e3daaaa3f14f958459ee346e103e17d3fb136be04281fd4d5d71addb2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HD4CP4S6RDT94YR3S4B7D0T8
date: Sat, 28 Oct 2023 17:50:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 1111
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"3419363b51a9e9c7d7a3140a2b073098-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 81d50555b9f76aba-FRA
link: <https://live.demand.supply/impl.v17.16.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-10-0/d3d3LnRpa3Rva3N0YWxrLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 tiktokhub-logo.svg
www.tiktokstalk.com/public/img/template/ 12 KB
5 KB 362ms
360ms Image
image/svg+xml 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/template/tiktokhub-logo.svg
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e4321f1f30031669595106fb04becc2af533906b25379795c5f4bc54d7608c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2f65-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60YXFB3GOunFyFUlf5MNVHzu%2F1aMN4uTvN4Kp0UEMhMwInNtEPXgCcFeHTxEhtCLYRpB35WjpUCiSEp1vVeQAxkFTQzOzuy9qLYyBfBQHgQMcULtCIgSYN3%2FLTR4AN%2FRwYBHxDsD%2BxdyFE90OlrR%2FNC0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 81d505555e8e915f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 loader-card.gif
www.tiktokstalk.com/public/img/template/ 87 KB
87 KB 641ms
639ms Image
image/gif 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/template/loader-card.gif
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 769fc859729b2fe931a61fd68dac77dd02f7fcec1e00937b74f82a57245c7231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"15ad3-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoClttBCqz65ADjHvHyW6ZORnIpuBzOt2hDn0oUwQlTlmEMRD6US6k%2FkvTn7Zk0mZmywwlr%2BXeSiRVaiGjCiZoBM18WxyQMSK56Xy2Pn8l%2F0Sh1NKmiROWvRCTqvkhlPkeCqGVZ5OToiGJN74C5JBuVM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d505555e90915f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 88787

GET
H3 200 tiktokhub-footer-logo.svg
www.tiktokstalk.com/public/img/template/ 12 KB
5 KB 349ms
348ms Image
image/svg+xml 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/template/tiktokhub-footer-logo.svg
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ba51c1b5f7bf6a340bfb6eacb27e3d91ccd7f55765721aed346e5e4c9deee26c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2e23-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLYaJCLvF1UgxwKbRV5bIV%2BfkWQwtuZPqdNo55yIYZ%2Be2UA%2BfC7dkZE0nWFVzPtMeATE4Zw7ghaTTFBcSkG%2FV8tNwEMexWUp6xOzkpOL3nHya0WOv2hGelqWlOpG4FqLjnnxT4CgTuNERRjbMkHBZgxV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 81d505587cab9220-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
7 KB 98ms
21ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 22:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 22:16:13 GMT

GET
H2 200 impl.v17.16.0.js Show response
live.demand.supply/ 83 KB
27 KB 155ms
152ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v17.16.0.js
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 254ed2440d3fe989e8e3e2f2a892760cd72ec637fffa6a2955e2c95895c0feef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HD4BW6RR1C14CQZDABBY9F47
date: Sat, 28 Oct 2023 17:50:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 782919
cf-polished: origSize=84854
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2ee107da8e651075e55d02eba7479e77-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 81d505571c4a6aba-FRA

GET
H2 200 d3d3LnRpa3Rva3N0YWxrLmNvbS8= Show response
live.demand.supply/p4/v17-10-0/ 2 KB
889 B 598ms
597ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v17-10-0/d3d3LnRpa3Rva3N0YWxrLmNvbS8=
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f7f35c0a4c174baddea403f8f1d03b0c881a3e89ac7ce33da009f613f58fcf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 81d505571c4e6aba-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 16:24:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 17:50:24 GMT

GET
H3 200 icomoon.ttf
www.tiktokstalk.com/public/fonts/ 7 KB
5 KB 346ms
345ms Font
font/ttf 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tiktokstalk.com/public/fonts/icomoon.ttf?kfijp9
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/public/build/css/main.css?v=0.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ed69671783a9c5d9d65c23385f3df20ad40c36c987621829f2df770f91c7778c

Request headers

Referer: https://www.tiktokstalk.com/public/build/css/main.css?v=0.2
Origin: https://www.tiktokstalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1c44-184e38efd59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsOI1ofZjpHwWQWqTkW%2BgjRoTG%2FULRjzeVBGMC0Lw7NZA%2FM4aSM0vE2ZRQZZBIDBzwp4WuWVGZxuGQWMnW3huqQCJaTVWlTI1bYR7TRviX53F04ZYlTF9uWUIktdrRi4cy%2Fhow5mPJQe9yErZz%2BxMbIs"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400
cf-ray: 81d505588cb69220-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 191ms
166ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=281&cs=c&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d50558cdf365c5-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 172ms
114ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c922c7be49745ab337127b5355fe9805e0cc9bc2e0cde6436e2eeb3941f6eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29816
x-xss-protection: 0
server: cafe
etag: 461 / 19658 / 31079073 / config-hash: 13942866851986637457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 Oct 2023 17:50:24 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
624 B 158ms
134ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HB41XECKQ26DBMYDX8W9KZ1J
date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1499992
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 81d50558cde965c5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tiktokstalk.com_fluid_lb+sq_thomeads Show response
live.demand.supply/cp/ 30 B
372 B 388ms
384ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/tiktokstalk.com_fluid_lb+sq_thomeads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd72a9009e981b663873c89613c0854fc29c208b509ebe3209e2fcf9589de24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 81d50558cdf165c5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 tiktokstalk.com_fluid_lb+sq_theaderads Show response
live.demand.supply/cp/ 29 B
371 B 383ms
379ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/tiktokstalk.com_fluid_lb+sq_theaderads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf51d49abd8494fd51a9f74b6210533d6b78f8566c82e20e326c454bd42de947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 81d50558cdf565c5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
480 B 139ms
136ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HB41XEE1A3YNJH7YBSZN3Y6R
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d50558cdf765c5-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tiktokstalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 135812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 72ms
26ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tiktokstalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:18:02 GMT
x-content-type-options: nosniff
age: 95542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 15:18:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 88ms
43ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tiktokstalk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 15185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 13:37:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 114ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-138DD411QN&gtm=45je3ap0v898270631&_p=1592330245&gcd=11l1l1l1l1&cid=918787943.1698515424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698515424&sct=1&seg=0&dl=https%3A%2F%2Fwww.tiktokstalk.com%2F&dt=Tiktok%20Online%20Viewer%20%7C%20Tiktok%20Video%20and%20Tiktok%20Web%20Viewer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-138DD411QN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 421 KB
132 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 10:36:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26061
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135211
x-xss-protection: 0
server: cafe
etag: 17495413759700775962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 27 Oct 2024 10:36:03 GMT

GET
H3 200 tiktokstalk.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
375 B 284ms
284ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/tiktokstalk.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac2e27e302580c00456f97202355258a9b76d107d4c0f34f6ce5a63ba291a915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 81d5055ad97165c5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 31ms
31ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055ad97b65c5-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 88ms
39ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: JWJDAN1XR6GATQDQ
age: 1919
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81d5055b4f6439c4-FRA
x-amz-id-2: Ef+zRSY5m1l5O/qNEP9qXrov5kpci+PWBE+duOZn8RfWRfK8fxpzs/23mChcD+sxFKSVyfSeJCnE1vDWU3gxhg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 88ms
29ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6242
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdausvwwxjc6I%2Fx5WKxGnQYTpDNiDdvXOpYSeumIeTDdk%2BYHTE9fIPi%2FXREZoCoXK6AHVwk4VC0cpqV2M21%2B9FYo4jQIF5UQW7%2FBE6boR%2FpbmSaBvj8AG0nIN1jhY4TzA1iXgfQzLXAXkf6QKZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81d5055b5bae30ed-FRA

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 104ms
22ms Script
application/javascript 2600:9000:223c:8c00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:8c00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:10:18 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 2407
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4oduXvJY_4YbIZDKl1kQHnOEJ6BLHAI2QdCwO3KFMjPQ5j47b2rEyA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 160ms
82ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:50:24 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 9 KB
4 KB 114ms
30ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c45c671190fb8deb70cd574cb0e63b52c671855bb4cb7de28b273c37538c9221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 20:21:19 GMT
server: cloudflare
age: 161949
etag: W/"653aca3f-251f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 81d5055b8fb95b8c-FRA
expires: Tue, 31 Oct 2023 17:50:24 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 86ms
23ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 02:29:26 GMT
content-encoding: gzip
age: 228058
x-guploader-uploadid: ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 25 Oct 2024 02:29:26 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 110ms
43ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 2fcc21644f9d274d8535052683279fea
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 160ms
44ms Script
text/javascript 2600:9000:2250:ce00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ce00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sat, 28 Oct 2023 05:50:54 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 43171
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: PA2qw8MywxGQDVzjRlhJweGlyi5uCGvgwsrXOQ5vsbrE4cqsWDbwCA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 80ms
22ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 03:07:00 GMT
content-encoding: gzip
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 53005
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: OvL4DbFNdQd0LQAaTF-8Y4OOUimgVv_nYSJfWC6atg79OxhVsmbm-A==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
740 B 441ms
440ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=1852105352657652&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2C4666c251-b239-4fa0-b0fb-c1583e8226c2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698515424462&lmt=1698508224&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjLqaK7tzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjLqaK7tzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGMuporu3MUgAUgIIZBIZCgpwdWJjaWQub3JnGMuporu3MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UYy6miu7cxSABSAghkEhQKBW9wZW54GMuporu3MUgAUgIIZBIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yy6miu7cxSABSAghk&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26interstitials-bid%3D11%26bid-p%3Dgoogle%26bsc%3D84&adks=3773153539&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0786bfe9bfb98e718267cee2454ff0680ee52cd746e0265e997eee961362537a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 709
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B3C4 6 KB
3 KB 112ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
expires: Sun, 27 Oct 2024 17:50:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 39 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl_page_level_ads.js?cb=31079073

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 14:40:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11402
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
server: cafe
etag: 13787945745808829369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 27 Oct 2024 14:40:22 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 146ms
146ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_fluid_lb%2Bsq_theaderads&pdc=0.3801946878433227&ucv=null&e=tcp&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055b29fe65c5-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
484 B 140ms
140ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_fluid_lb%2Bsq_thomeads&pdc=0.44106121063232423&ucv=null&e=tcp&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055b3a0565c5-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 480ms
480ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=933713107877353&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2C62a3fb4a-4ecc-4c01-a8eb-4b7e047756fd&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698515424526&lmt=1698508224&adxs=248&adys=980&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=1104x116&msz=1104x116&fws=4&ohw=1110&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjLqaK7tzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjLqaK7tzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGMuporu3MUgAUgIIZBIZCgpwdWJjaWQub3JnGMuporu3MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UYy6miu7cxSABSAghkEhQKBW9wZW54GMuporu3MUgAUgIIZBIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yy6miu7cxSABSAghk&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26chrand%3Dy%26pof%3D0%26bid%3D0.18%26bid-p%3Dgoogle%26bsc%3D84&adks=394271412&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f17202f689f99bc76c3021a6493915dbb76672987a947cbc08d9a74f7809662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12432
x-xss-protection: 0
google-lineitem-id: 5564063177
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 507ms
507ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=1372763938046516&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2Ce9fed0fe-aeb4-4c98-b484-1b0e1a07b375&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=740x280%7C480x320&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698515424534&lmt=1698508224&adxs=428&adys=488&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=744x116&msz=744x116&fws=4&ohw=750&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRjLqaK7tzFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBjLqaK7tzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGMuporu3MUgAUgIIZBIZCgpwdWJjaWQub3JnGMuporu3MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UYy6miu7cxSABSAghkEhQKBW9wZW54GMuporu3MUgAUgIIZBIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yy6miu7cxSABSAghk&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26chrand%3Dy%26pof%3D0%26bid%3D0.32%26bid-p%3Dgoogle%26bsc%3D84&adks=768815818&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f594e8779ca5205ba5552f5c5eef35811f96481fea3b4cf7e008c9fdda266d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12486
x-xss-protection: 0
google-lineitem-id: 5564064410
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 147ms
44ms XHR
application/json 54.75.204.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-204-82.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ee92eb293b75183adfc82e5e3453ecd669eddfd7386e032f02719470a081dadb

Request headers

Referer: https://www.tiktokstalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache
x-server: 10.45.20.218
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tiktokstalk.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tiktokstalk.com%2F&rid=esp&cc=1

85 B
203 B

132ms
132ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.tiktokstalk.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 283c2c9f8d3d4427441e7ced76fd05e66367cb0fac07823f9c91da71ba98df79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-9BVdrrNql9ZC4UDIfLQzBm77jTs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tiktokstalk.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 28 Oct 2023 17:50:24 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.tiktokstalk.com
location: /esp?url=https%3A%2F%2Fwww.tiktokstalk.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
206 B 117ms
26ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.tiktokstalk.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.tiktokstalk.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
235 B 80ms
23ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tiktokstalk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tiktokstalk.com
date: Sat, 28 Oct 2023 17:50:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FC46 15 KB
6 KB 113ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.tiktokstalk.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
server: Kestrel
server-processing-duration-in-ticks: 254237
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_auto_728x90_sticky_display_bottom&pdc=0.27171692848205564&ucv=null&e=tcp&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055c9c4165c5-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 35ms
35ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HBJZZ44CAFR65TFZBXM7RQDX
date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2019350
etag: W/"fd25a687c0643903872af023209232b9-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 81d5055c9ae01c07-FRA
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
481 B 137ms
137ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=tiktokstalk.com_auto_728x90_sticky_display_bottom&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HB41XEE1A3YNJH7YBSZN3Y6R
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055c9c4665c5-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 370ms
370ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=2894223662008971&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2C878fca97-57cb-4609-a306-88e23178817c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698515424735&lmt=1698508224&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRj1qqK7tzFIAFICCG8SHAoNY3J3ZGNudHJsLm5ldBjLqaK7tzFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGMuporu3MUgAUgIIZBIZCgpwdWJjaWQub3JnGOyqoru3MUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UY8aqiu7cxSABSAghqEhQKBW9wZW54GMuporu3MUgAUgIIZBIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0Kuiu7cxSABSAghq&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26chrand%3Dy%26pof%3D0%26bid%3D0.19%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D84&adks=2292358229&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

214c702498c8800f052c7e7e5bab05e860e1e20c81c71b74ad15084dee9017b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12442
x-xss-protection: 0
google-lineitem-id: 5564063189
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FC46
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=tiktokstalk.com&sn=ChromeSyncframe&so=0&topUrl=www.tiktokstalk.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=InAjBXwzQW0wYWtMeG51SU9yVS9tSkhzRkR0bzZOaXNSb0tQeGFtOUFhcXhXdW1jbU9iMHh2SzlkM2F2RGhUQWZld05mN0xWNXlYZm5MSXo5Y2p5VEtMbkk4TjRvUGY0TG9YVHpiOWpvWmJ1LzNTYTlETEVZOFdNQmlnTz...

449 B
657 B

39ms
38ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=InAjBXwzQW0wYWtMeG51SU9yVS9tSkhzRkR0bzZOaXNSb0tQeGFtOUFhcXhXdW1jbU9iMHh2SzlkM2F2RGhUQWZld05mN0xWNXlYZm5MSXo5Y2p5VEtMbkk4TjRvUGY0TG9YVHpiOWpvWmJ1LzNTYTlETEVZOFdNQmlnTzZmQkxya0JUcGJsZGtmaW54cy92SzFUdTRTNjRhVGR5QlFyNnhGTGZBQkNRemFBWk55UVJra3JBays0RWllc3FYU1lLanBldGgvUWNVVjc5eDA3WWZnOFV0eHFxM3FTdXVWenZTKzZzcmJjc2lQRHFtUFRubXpOVzNaMjR3dE13SFhROHpvVXFBcXBqNGd4ZjhKQWZSVlNKZGtCKzcwc1MyM05nNXdFd2RERnlHVXdqK09kWT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1e027ae8d3bda41933fb2571c951d59b59c889b316ca495833acbc8915135f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1617136
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=InAjBXwzQW0wYWtMeG51SU9yVS9tSkhzRkR0bzZOaXNSb0tQeGFtOUFhcXhXdW1jbU9iMHh2SzlkM2F2RGhUQWZld05mN0xWNXlYZm5MSXo5Y2p5VEtMbkk4TjRvUGY0TG9YVHpiOWpvWmJ1LzNTYTlETEVZOFdNQmlnTzZmQkxya0JUcGJsZGtmaW54cy92SzFUdTRTNjRhVGR5QlFyNnhGTGZBQkNRemFBWk55UVJra3JBays0RWllc3FYU1lLanBldGgvUWNVVjc5eDA3WWZnOFV0eHFxM3FTdXVWenZTKzZzcmJjc2lQRHFtUFRubXpOVzNaMjR3dE13SFhROHpvVXFBcXBqNGd4ZjhKQWZSVlNKZGtCKzcwc1MyM05nNXdFd2RERnlHVXdqK09kWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 290915
content-length: 0
expires: 0

GET
H3 200 trending@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 6 KB
6 KB 345ms
345ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/trending@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c88af004e8da4a5f648cbfb7edf5b6b0462f3357e416151409329dc5c9aa6c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"16b9-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zso995VU2Q%2B00URN404nOGXjFFR8Fasl9SacAcGAfc0P96gP5OTGcEMVjT4L8bm5fDRUqHL3cGIImNhuapFh58fKJM1Ib%2BUwLbsbz9Km%2Fh%2FVe9MXiKDB2TZUZENdznOrY8YBdd%2FeWhPz3jATp%2Faau2Pu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf9439220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5817

GET
H3 200 viral%20videos@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 5 KB
5 KB 365ms
363ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/viral%20videos@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7de09b15b366d4d073ab57fdbad52f97b396a8f85b3ff5e2aaadeebd4ed99881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"140b-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3wdRTaed4NrnCOrGtlMRB9nFGJQbiW1DUgMxu5qO4lXTqidhgnAhiSNIOLSfnwidwJrxkoaXclgutkTg%2BS7flFDXbxGQafYq1hVJkUwqRMRDg8yTXEHkGeJ2DILSaKociSHWAIF7Ju%2FSzpgMcZZxflX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf9459220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5131

GET
H3 200 memes@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 7 KB
8 KB 344ms
343ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/memes@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b330d6d96ff049bb29d7fe7a8f9296378c8ebe4ab30ebff901986bff072064fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1dd3-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTrbOgHaInxc60cINmwHQ2evf%2Bnu5vjecDPEQI%2F13y6kd3QESkdTD8C%2FCp8%2FJqXFmwqqbhf5Z2oCptLGr1r3FuAAblvtDwbju%2FG2H8rwLDpVz4fSO7olYs%2BPuXqxFP5jHtq2GYsQ2ltlU%2Brvypo2u8Lo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf9479220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7635

GET
H3 200 love@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 9 KB
10 KB 365ms
364ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/love@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27f99d39db30437124397a74027e903b620e5aad550b6e45633646f5608d164c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2461-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amRnvBx3kPVX%2FQ%2BWfgezXamGYYG6J233oBAT6Mh6Eu0y1Uy67nrj1kKFL2QR9mvTRyCm%2FGnQ5AcsqlQfkux5zBGt1FIKwMNyduExeoHar4rXw%2BmOsuBT%2BguCOdidZm9iMdJxWVoMRs8shzQN0kHwR5pz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf9489220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9313

GET
H3 200 dance@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 8 KB
9 KB 365ms
364ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/dance@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ea640670dd32d8ee4cdfcb5d8157417f87fc1ec24171f663606e17df528b1c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2055-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uS5NKQHD0wTj7OulcE0YFa0tN9tcv6HroiXxCSoKboXe0Acx5RWpbRqznkrr3%2BC8vHg%2BpBJ9BnedbdpHSCO2favaOxPaTfUVBlPFrW5X4TuadkFYqwPuITvB5J%2FdS3Jcamf%2BaPLvAQbSyZTTRb%2FWNh%2FJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf9499220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8277

GET
H3 200 girls@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 7 KB
7 KB 384ms
384ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/girls@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8d79f7d0dcf0433c3a56abfa1154fbdfdfa6fa72ccc25fdda8b7a3036aee8330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1ab5-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFr13xOgVPkyptqqanWk7Vd74z02ZQ1N7BOqLjcBXg1nnFcC1%2FrQmtwLqKB2Vcrsndpi1JL7rmVXNQI%2FM2ntgLpc80tYC3levlih4KWJj2%2FoMigcqEPqBVaA0Op1nsV3cQgZeVYUQIdkb0E68WmkMW0X"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf94a9220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6837

GET
H3 200 funny@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 8 KB
8 KB 385ms
384ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/funny@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: afa08d084ad6b30e5f1a636f36637eebcbc8a9b29e82e5888ed115c2d2a9a874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1f3f-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2wiXOHlmszorjj5%2Bml1C%2FgHT0jNtBul32ocKz2V7%2B%2BP%2BeX3r2YGdiFnXSrt8cQxg5MaaW8yHrLO9ljFrSxythJ2942p84OKGEE5CDF%2F%2BpyNc8MpT1WquXrdB7NrqoO%2Bmh1Qn%2BxrlSaTIhZIDhO5zmYE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055cf94b9220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7999

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 128ms
72ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f48cd775e93d118d43b8199505f1f530e18bf89b510862c63e3215174f87f87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12188
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 145ms
145ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_auto_interstitial_desktop&e=nai&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055dce6865c5-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 34ms
34ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_auto_interstitial_desktop&sn=2&ific=false&e=iar2&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:24 GMT
cf-cache-status: HIT
age: 1736241
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d5055dce7e65c5-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 183 KB
52 KB 851ms
851ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=735158481321950&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2Ca92fcd3b-f771-4df4-97bf-e97bedae4e2b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D9c4cd7453803d052%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MYVbW-ceOBF-bluTkIYMt2LRRBTgg&gpic=UID%3D00000cac0e5c027b%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MZBXHm9gW4_VBTYHpnIj7EkTuwfyg&abxe=1&dt=1698515424923&lmt=1698508224&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYy6miu7cxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjLqaK7tzFIAFICCGQSGQoKcHViY2lkLm9yZxjsqqK7tzFIAFICCGoSGAoJeWFob28uY29tGPWqoru3MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UY8aqiu7cxSABSAghqEhQKBW9wZW54GMuporu3MUgAUgIIZBIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0Kuiu7cxSABSAghq&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D84&adks=2031246883&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6196858bca441c793bc70827260ff5cd02ab1d9fa97dfca4d9679b1de96376cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52893
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 123ms
74ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame FFEA 0
176 B 90ms
33ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 28 Oct 2023 17:50:25 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET view
securepubads.g.doubleclick.net/pcs/ Frame 9335 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9335 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 509ms
509ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=3001895127278240&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2C424360ba-ac2e-4546-b4ef-d8589ec3d649&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280%7C750x300%7C750x200%7C930x180%7C970x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Deba344759a4c3e17%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MZuLkz_zJQiJIUn5HV4ZuV0PyhG_Q&gpic=UID%3D00000cac0ee13fdf%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MbLqBOK9A9BHYBkzZeA68M5gLmPRA&abxe=1&dt=1698515425029&lmt=1698508225&adxs=248&adys=980&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=1104x116&msz=1104x116&fws=4&ohw=1110&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYy6miu7cxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjLqaK7tzFIAFICCGQSGQoKcHViY2lkLm9yZxjsqqK7tzFIAFICCGoSGAoJeWFob28uY29tGPWqoru3MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UY8aqiu7cxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVl6RlFXRTA1VFRGVVNWTmhUMUJYY1d0MmNuY3JRVDA5SW4wPRiyraK7tzFIABIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0Kuiu7cxSABSAghq&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&adks=3775928899&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ae3bc20a43b20aed3d3202c84576cde8576f1288a10c73c441a24416476582d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19811
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 9C68 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9C68 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 415ms
415ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=745544493164011&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2Cd66eaf94-b754-4a0f-a648-0bb6ae217101&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=740x280%7C480x320&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D0294b5bf834869f5%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MbOMhEveizpV1CYPTwHgcJfNFP2FQ&gpic=UID%3D00000cac0e4a1b4b%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MYqeL6ta_zjoE9CwaayhKtsB4YW9Q&abxe=1&dt=1698515425073&lmt=1698508225&adxs=428&adys=488&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=744x116&msz=744x116&fws=4&ohw=750&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYy6miu7cxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjLqaK7tzFIAFICCGQSGQoKcHViY2lkLm9yZxjsqqK7tzFIAFICCGoSGAoJeWFob28uY29tGPWqoru3MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UY8aqiu7cxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVl6RlFXRTA1VFRGVVNWTmhUMUJYY1d0MmNuY3JRVDA5SW4wPRiyraK7tzFIABIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0Kuiu7cxSABSAghq&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&adks=3707072078&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96fa3111a0a009e2b7ef6a3a1d1abc4e25e128082758ae8e74194a2b5957a32c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16690
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D665 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 13:11:49 GMT
expires: Sun, 27 Oct 2024 13:11:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D335 829 B
1 KB 78ms
29ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be4fb8b1b42b58251efb9402604dadb8451ff86115db4ae6c1889b52d160a581

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NVlLVJQi_y-ffYx-dhwdgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NVlLVJQi_y-ffYx-dhwdgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:25 GMT
expires: Sat, 28 Oct 2023 17:50:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET view
securepubads.g.doubleclick.net/pcs/ Frame 04C4 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04C4 0
0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 370ms
370ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1642748965955056&correlator=781026891372909&eid=31078136%2C31079073%2C21065725&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fif&iu_parts=44890869%3A22493390717%2Cca-pub-3831894559014614-tag%2Ce3160ef7-c68c-420a-a656-499480d00d1a&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da024ea94cb3847d9%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MZKnrBX8lOtfq5emG3YOpiCMPpVeg&gpic=UID%3D00000cac0df8069e%3AT%3D1698515424%3ART%3D1698515424%3AS%3DALNI_MbtO7CpWjRA5vWztyQcacFFa-Eb3A&abxe=1&dt=1698515425141&lmt=1698508225&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.tiktokstalk.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=918787943.1698515424&ga_sid=1698515424&ga_hid=1592330245&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYy6miu7cxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjLqaK7tzFIAFICCGQSGQoKcHViY2lkLm9yZxjsqqK7tzFIAFICCGoSGAoJeWFob28uY29tGPWqoru3MUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRjLqaK7tzFIAFICCGQSFwoIcnRiaG91c2UY8aqiu7cxSABSAghqEj4KBW9wZW54EixleUpwSWpvaVl6RlFXRTA1VFRGVVNWTmhUMUJYY1d0MmNuY3JRVDA5SW4wPRiyraK7tzFIABIZCgp1aWRhcGkuY29tGMuporu3MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0Kuiu7cxSABSAghq&dlt=1698515423555&idt=860&prev_scp=ti%3D15fb51f4-807d-4151-a910-2e91b99dd249%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D84&adks=1275878075&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64efe899a2ac5dd2d82a7d9a23b32ce3de9ec72206e14e62bf792d4207ec38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19759
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tiktokstalk.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 memes@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 7 KB
8 KB 186ms
186ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/memes@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b330d6d96ff049bb29d7fe7a8f9296378c8ebe4ab30ebff901986bff072064fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1dd3-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFo01p6S9Nz6PJv6yuit%2FOyq4Y0c3H43QSJLqfijvDgHLEA77oi4kBRAM3ysN5i%2B7qbyGR0UQW9omukmZkrkJiNoGrUWkFYoKKzc%2BuAoNQkXXzxM5XNyD3U7gfZ4gtnNBFObprNz5YWxUrgcJGCAZo%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f4bc89220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7635

GET
H3 200 trending@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 6 KB
6 KB 185ms
184ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/trending@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c88af004e8da4a5f648cbfb7edf5b6b0462f3357e416151409329dc5c9aa6c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"16b9-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrbCvex4Ag621qCWAJpvJNxKdzGF95yPCqD8j1TvWlMs7BqS1osfR%2FDaH80b4OucNoAWHV1HDs4R8Jzeh7F0DqS0gYu4QPcB1Oci5j7z3laeZSMU%2BbpIrNDiqDjjcobP0PAnNtKSJQ6GI6gNij1UaW7z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f5bcc9220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5817

GET
H3 200 viral%20videos@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 5 KB
5 KB 186ms
186ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/viral%20videos@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7de09b15b366d4d073ab57fdbad52f97b396a8f85b3ff5e2aaadeebd4ed99881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"140b-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH%2FrS3IuD6s553paGw3nIxfprN4rpOExvyz8CG8EV0Nuu4FUBWcTe5XHDOSJIu4Fh3c8k7v4eWq83r6t0hNGJfjQPE2dg4ogjtcIU5xE8JgFcFAs6PJCo%2Fx7ln5aNWNxusiLYoR7wGwo%2FU6u4KYg8Zvf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f5bce9220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5131

GET
H3 200 love@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 9 KB
10 KB 186ms
186ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/love@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27f99d39db30437124397a74027e903b620e5aad550b6e45633646f5608d164c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2461-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qimXdzchZhH8EbULEPNoWQfdcOpDbg2sJ0D9RPQSjpcxIHD9%2FcRAkD5lQERjOjZbaIEAhTzZb%2FCImsGKwxwZjwflG3CDaLEsv77V2XQLpYg02Ojnj2cknYKGgfrHzkGzT2gqEZa%2FzLgRVMLctL3QDiU4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f5bcf9220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9313

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame D665 38 KB
15 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 27 Oct 2024 12:30:34 GMT

GET
H3 200 dance@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 8 KB
9 KB 184ms
183ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/dance@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ea640670dd32d8ee4cdfcb5d8157417f87fc1ec24171f663606e17df528b1c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2055-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAIhwBZG432LqpM1azKYohhpNzqGxkk29ybGtNtMR0OAz%2FqzMdQJnzv%2BfbvZfZV9R4%2FXWIbgx2pNxD%2B9aSKd6R5oOrhB1In%2F4dRRgapa40kypKzMiTTTK90h3HiZOGiWlrtD%2B6c4yJaiK6j9mhI2HeVc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f7bf29220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8277

GET
H3 200 girls@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 7 KB
7 KB 187ms
187ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/girls@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8d79f7d0dcf0433c3a56abfa1154fbdfdfa6fa72ccc25fdda8b7a3036aee8330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1ab5-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rr0%2FcyPjnKuHZOUNX2bt3RQERlNx7AggPatIqKGgV%2B2gAldHNsx51WNG7%2FI4W9z1Pgqi4IyGQoVZPNaXHknFZbon91xAr%2FUlHoZ8SxkQSvCrfa6gBK8xFwGnNVGN11x0AmQDBPde%2B2J8xOLo%2Bn7lo09r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f7bf49220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6837

GET
H3 200 funny@2x.jpg
www.tiktokstalk.com/public/img/uploads/category/ 8 KB
8 KB 183ms
183ms Image
image/jpeg 2606:4700:3037::ac43:ad9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tiktokstalk.com/public/img/uploads/category/funny@2x.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:ad9a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: afa08d084ad6b30e5f1a636f36637eebcbc8a9b29e82e5888ed115c2d2a9a874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 18:31:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1f3f-184e38efd5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miV6aCxr1Dk%2BXPOnEayOYh%2FlCu3x4yeNrYO%2BPDuvwk55k3id8E3%2FdlIyJKJL6YdiG3ltrtPhPSbcI1wlJ2Cu0GIb198kI9ctAVacuwlmaOkGsdyMZ5WsZ78%2BrhFS4leSqy7weaItJjgq8zUpUBVfo4q%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 81d5055f7bf59220-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7999

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D335 0
0 67ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310230101&jk=1642748965955056&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D665 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ChKnaA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7362 6 KB
3 KB 22ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
expires: Sun, 27 Oct 2024 17:50:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 33ms
32ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_fluid_lb%2Bsq_thomeads&pn=2&sn=3&pc=0.44106121063232423&ds=true&e=wdp&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d505616bc865c5-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 143ms
142ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=tiktokstalk.com_fluid_lb%2Bsq_thomeads&sy=0b00291d-62f7-49d7-bba1-14ed076a3bb6&ts=84&cd=2&pud=281&pus=c&pue=716&pid=160&pis=c&pie=876&ppd=601&pps=a&ppe=1318&pcl=988&ttc=1379&tti=2378&ttif=0&lca=1318&lcak=ppe&lct=1318&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.tiktokstalk.com&mlre=undefined&mlin=0&mlsi=740x280&mlbw=4g&mlcs=NaN&mltp=15fb51f4-807d-4151-a910-2e91b99dd249&e=lm&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d505616bca65c5-FRA

GET
H2 200 container.html Show response
ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6341 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
expires: Sun, 27 Oct 2024 17:50:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
480 B 132ms
132ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.27171692848205564&ds=true&e=wdp&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d505619bff65c5-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 133ms
133ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=tiktokstalk.com_auto_728x90_sticky_display_bottom&sy=0b00291d-62f7-49d7-bba1-14ed076a3bb6&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.tiktokstalk.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=15fb51f4-807d-4151-a910-2e91b99dd249&e=lm&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d505619c0565c5-FRA

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D192 165 KB
51 KB 196ms
121ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT1J4QABwxUH_Z7bAARL4AQct3swc6AL9-Ae1Q&u=%7CO%2Bwi9sHu4NE8uN6tZqawNCWCzsNGHdpGCzMg7hkGzNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC864lKxkyLNlbsWtiuWr-uU5j42gUDSK87A0Bwn2mnO_P8yH6r6wO12JO5ESl4VYAiRPDRTAr45euNqbRnJEtJXEJH7TZ6NM1y2F5weDf5mGO3-UwsHBDgPjmM3BAYJoMRLXSCOqRnhOP19OEaaSzajrQ08Vkbgi02WGnL2t4KlygknOFQ8UY427zdaD4M3UB-nVbSHg9UDlzKcyk793DfFJ77P81evjC_AWUe-CqQ-mcQREUTCPYM6qt3ewBCUwZnSkt-wmcFYm1k_P53JLLxRfBQ_2sVLNOP8pqNBMu3oiF1uPkBVx_EX_irYYLY3VqMXi1Eq0OVPInqREAljoICmQ3u0W42jQ8HCfOkMQYVGkGt2XLwRXk7jswKO9Hl95oHjKqC_7hiFZWW2tjTu-YOD-E1lfQmvaubuBeUL9oFxna3K0KyzSbg-YH-DS55smi0hFZU6R07co6YGz0Nx-rZ7w81P4c6IBOO-IM9As1MrJvf3JQAq5Vy5cuiIKPRu_jb3WdQAKF21Foh3FLCGgkzLIAkwNBOZUFIFULt5dD1opR58qOxqDjJzk8uAYsPiqOTNQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoPm4Uk9ZZWGB9u99u8P4JeRgAfJntKxXKX8k_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpArTQghl_ubE-4AIAqAMByAMCqgSoAk_QR7er9WLu24gca5KwbRkA4zUvyzRC3x3ZYpTF24efjbhFy2GBhi5bkql8YP9MJc7PGwip6LBOLTu_cWXUJMM1eFnMgkO_gS6DdZfJWyGoB4E15ZL8e9qMxB_jP9ZXoXKU8C9fcNmyIi8EJjbPbO1X2dlTL-rcBXIvsInhTQ2kn08TPe_T3EM-mnTk3dcPpFZ29BScLa093Y0KYkPb0mhFX0C_VWfJiGLKKRlHwTXT-h_0y3tGFuuiQ7hJ6p2oZb2mpnwAr-Hy6BNP3MtYnX0AEl5CJ6VuWvMrmjvSgOKcNwsT7gQMEvrx2BQ3ZMNcnXoVJJP5md7SOjzIRZDWGoHo6yz_Rg26eaC60xti5K5bzdW6_Y-eD58gg0bIYBBCuNwPHdq-qPSO4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Dg2NjCEb8U35AaaGumsdXfGmG_g%26client%3Dca-pub-3831894559014614%26adurl%3D

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

17d96fe87dda65359907971d63c2303caa22c85ee574260c2c07f03537b3293a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WiMw3Wx_b7xxNYl2OsSXeRSx2Q6bfnmFYxCKN7VIrc9e2_rlt3KbGQAJqv6jSGK1guIjwH-bWIvsEbyWFf_a56Ah8sAGTKqAYgfUJdcp3_Uwx22IzXUqXqygudzdQgM_f-JAlyQhjEodK_2ZHEG67PvbAA9gN1E6YMK4BiYXKgqdATf8gkaEpmcPfv6gkvyacvKUmmN9aImsWbvOlNiqOk9I74V-RGUB0D6lxbdaxw_NLsxSUz45CAV1-2odIfgCauJxkw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74383081
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 7362 3 KB
1 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 12:30:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C2D 1 KB
643 B 23ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sun, 29 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 7362 20 KB
8 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:17:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7362 0
0 31ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUHp1lE1Ts7H6Vk1KOd3e_DF7OPES11VO_06i0vo_HxWkcWmHaUpGbeA9VTWxUL0wBOdTmy-EbEEBEOhuu71Qu5TkpUw
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7362 24 KB
6 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7362 187 KB
59 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
H3 200 container.html Show response
ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 201B 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
expires: Sun, 27 Oct 2024 17:50:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 142ms
142ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=tiktokstalk.com_fluid_lb%2Bsq_theaderads&pn=2&sn=3&pc=0.3801946878433227&ds=true&e=wdp&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d50561cc6365c5-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
482 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=tiktokstalk.com_fluid_lb%2Bsq_theaderads&sy=0b00291d-62f7-49d7-bba1-14ed076a3bb6&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.tiktokstalk.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=15fb51f4-807d-4151-a910-2e91b99dd249&e=lm&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:25 GMT
cf-cache-status: HIT
age: 1736242
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d50561cc6565c5-FRA

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 6341 90 KB
36 KB 159ms
42ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Origin: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 16:57:38 GMT
vary: Accept-Encoding
x-azure-ref: 20231028T175025Z-3ep0dht8qh3gzcghv6exp0cy5n0000000eu000000002d6gc
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 57e4e4a1-401e-004f-492d-0830b0000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 6341
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ddacb16a-a796-4436-937f-be224d0aa718&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=6100299b-53d5-4ce3-b31...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=4ef70c0529784b7081257d5b1b0de2c4&SNR=1&GV=2&med=10

0
544 B

120ms
120ms

Image
text/plain

2a02:26f0:f700:9::58dd:5c12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=4ef70c0529784b7081257d5b1b0de2c4&SNR=1&GV=2&med=10
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:f700:9::58dd:5c12 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 748A21938C3A481F9A4D1C277AAF6ABA Ref B: FRAEDGE1414 Ref C: 2023-10-28T17:50:25Z
x-cdn-traceid: 0.12291202.1698515425.ff81e1
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 28 Oct 2023 17:50:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C3F3F66209FA4DB19D63FCFFAB022D1B Ref B: MIL30EDGE1505 Ref C: 2023-10-28T17:50:25Z
x-cdn-traceid: 0.12291202.1698515425.ff8120
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=4ef70c0529784b7081257d5b1b0de2c4&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 6341 80 KB
27 KB 110ms
31ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sat, 28 Oct 2023 17:50:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 27 Oct 2024 17:50:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 6341 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 12:30:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 6341 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:17:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6341 0
0 29ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyk2ij2nKgQDVyx7KJDMGt-t7UXkxDdprymBaNnQzfXpiiMsLI-gxjV5n6_kwD0es91HqB0XHZkjJf5CPi2zDvVY4Efg
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6341 24 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6341 187 KB
59 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
DATA 200
OK truncated
/ Frame 7362 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72e670c0b31e7629c9f894a9a6e8b5e598916375bc75d8de379895c59fb5d2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9C2D 70 B
149 B 153ms
48ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH4Hr7wMrJg1XZ9gpdEsEaI&google_cver=1&google_push=AXcoOmSBTdPoNoRnxWMxq4wgD_pCzSd1uHzJtuuquvU1rIt24JaKq2E5_ZlEq73jBPNpFvbtISLUki7SK3VHxspK5Xj8cRtHmQ8uDA
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C2D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECLj0jjWONpX4DsrrLyUoZA&google_cver=1&google_push=AXcoOmSDtisaMEd8Hl7ZdffB4NGt-9N9t317ZUU6R6_Zfm2QSx7hi1vnIV5nA-Ko2CdPXUjWJ1OJH9WPmZH_hBsa...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmSDtisaMEd8Hl7ZdffB4NGt-9N9t317ZUU6R6_Zfm2QSx7hi1vnIV5nA-Ko2CdPXUjWJ1OJH9WPmZH_hBsarrRAZdMz00WLqQ

170 B
329 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmSDtisaMEd8Hl7ZdffB4NGt-9N9t317ZUU6R6_Zfm2QSx7hi1vnIV5nA-Ko2CdPXUjWJ1OJH9WPmZH_hBsarrRAZdMz00WLqQ

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Oct 2023 17:50:25 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmSDtisaMEd8Hl7ZdffB4NGt-9N9t317ZUU6R6_Zfm2QSx7hi1vnIV5nA-Ko2CdPXUjWJ1OJH9WPmZH_hBsarrRAZdMz00WLqQ
x-host: tde-deliveryengine-production-5bf79cd4ff-knclq
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 9C2D 43 B
146 B 84ms
23ms Image
image/gif 3.121.157.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELEYP7LsoJiVqMyXT5mm1BU&google_cver=1&google_push=AXcoOmQIT4JJSmzWQKiuPZgSgM8vaRUUwDZaZOCaYb1yYesYCXdSXddLIhm5s_HHEMYrHPWufrywOSTpNI_rDDdwfxUdwmko09bpyA
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.157.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-157-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C2D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UQ28rW-ITP2sDDhoYyH5Cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UQ28rW-ITP2sDDhoYyH5Cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSU314ypDDSGun-ZFA1Zy5A_7jKWF8g6FzvI6LzHVOby-GSt2q7x5fJ90hzH8tk3AteMOyncQLcySrJf8WYkLUE29oj2GJXZw

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UQ28rW-ITP2sDDhoYyH5Cg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSU314ypDDSGun-ZFA1Zy5A_7jKWF8g6FzvI6LzHVOby-GSt2q7x5fJ90hzH8tk3AteMOyncQLcySrJf8WYkLUE29oj2GJXZw
date: Sat, 28 Oct 2023 17:50:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C2D
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-51bc9074-a33d-4df3-9dd8-4a40af01abec-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRYyxkH1xUUXS0OeT_c6...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0&google_hm=A1G8kHSjPU3zndhKQK8Bq-w

170 B
232 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0&google_hm=A1G8kHSjPU3zndhKQK8Bq-w

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRYyxkH1xUUXS0OeT_c6b7MwXmts-BiI8P3f9nFJOYiFTXYaZoAHZcm0adbZJNPo5z4p6S97mt0h3gXTnW22S5Dyzr_9pz0&google_hm=A1G8kHSjPU3zndhKQK8Bq-w
date: Sat, 28 Oct 2023 17:50:25 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX51bc9074a33d4df39dd84a40af01abec003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C2D
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESED9fWDbc-1AoAo04IcSvbYA&google_cver=1&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQu...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESED9fWDbc-1AoAo04IcSvbYA&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQu...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQuBfqSDCPNn7xgAP9oi-vzsuU1U0&google_hm=N25zTVJISi1lR...

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQuBfqSDCPNn7xgAP9oi-vzsuU1U0&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Oct 2023 17:50:26 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmR9KMh66TlAIPusKWld-ywPljNzFp7rGzq4DbZmegs009jnesAWNQt3OdH8pk2hfZ9nFMrQuBfqSDCPNn7xgAP9oi-vzsuU1U0&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 243
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 9C2D
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEF-LfcbBoho8WnxoWq5UeK8?ext-param=AXcoOmTgjnHxCQW9MCzv7-Mh8tlzlN9viwMn-__ooOLZ3t-9RcjglNpY8lrbqzbnLRynu_5Y9gch8khqZrivECGSy1pPzkwiuBvCq9Q&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESEF-LfcbBoho8WnxoWq5UeK8?redir-setuniq=1&ext-param=AXcoOmTgjnHxCQW9MCzv7-Mh8tlzlN9viwMn-__ooOLZ3t-9RcjglNpY8lrbqzbnLRynu_5Y9gch8khqZrivECGSy1pPzkwiuBvCq9Q&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEF-LfcbBoho8WnxoWq5UeK8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

67ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 12 Oct 2024 17:50:25 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C2D 0
130 B 109ms
29ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JuoitOm5VHse7wIDsLB_SgddQAGeFBN7i_Bi2MTYBCXi1Ba5NMko8bZiEgJ4YIQVM5SRELakI

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 201B 90 KB
36 KB 127ms
42ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Origin: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: br
last-modified: Thu, 26 Oct 2023 16:57:38 GMT
vary: Accept-Encoding
x-azure-ref: 20231028T175025Z-3ep0dht8qh3gzcghv6exp0cy5n0000000eu000000002d6gb
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 57e4e4a1-401e-004f-492d-0830b0000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 201B
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=c553cb78-abc2-4826-81bb-7a9f43d83390&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=9be71d64-741b-4167...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e1d799ea9e3a458db6efcc9cff16e7fb&SNR=1&GV=2&med=10

0
547 B

102ms
102ms

Image
text/plain

2a02:26f0:f700:9::58dd:5c12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e1d799ea9e3a458db6efcc9cff16e7fb&SNR=1&GV=2&med=10
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:f700:9::58dd:5c12 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C663665BBA35405FBEECC3FDD69B7E3C Ref B: FRA31EDGE0811 Ref C: 2023-10-28T17:50:25Z
x-cdn-traceid: 0.12291202.1698515425.ff8191
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 28 Oct 2023 17:50:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 120BF739B674451E87FC529B9DFD89D5 Ref B: MIL30EDGE1512 Ref C: 2023-10-28T17:50:25Z
x-cdn-traceid: 0.12291202.1698515425.ff8121
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=e1d799ea9e3a458db6efcc9cff16e7fb&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 201B 80 KB
27 KB 121ms
51ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sat, 28 Oct 2023 17:50:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 27 Oct 2024 17:50:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 201B 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 12:30:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 201B 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:17:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 201B 0
0 31ms
30ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7h9YAnysdJT2BDeM4Xnn8YfOczI05yNZHizcaesfdTSyYbfvg70EvQgNwQhLrw38Qu-0bhhdVw5jeoj7SbqY9emxmCA
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 201B 24 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 201B 187 KB
59 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7362 0
0 66ms
65ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnKQt4Uk9ZZWGB9u99u8P4JeRgAfJntKxXKX8k_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpArTQghl_ubE-4AIAqAMByAMCqgSlAk_QR7er9WLu24gca5KwbRkA4zUvyzRC3x3ZYpTF24efjbhFy2GBhi5bkql8YP9MJc7PGwip6LBOLTu_cWXUJMM1eFnMgkO_gS6DdZfJWyGoB4E15ZL8e9qMxB_jP9ZXoXKU8C9fcNmyIi8EJjbPbO1X2dlTL-rcBXIvsInhTQ2kn08TPe_T3EM-mnTk3dcPpFZ29BScLa093Y0KYkPb0mhFX0C_VWfJiGLKKRlHwTXT-h_0y3tGFuuiQ7hJ6p2oZb2mpnwAr-Hy6BNP3MtYnX0AEl5CJ6VuWvMrmjvSgOKcNwsT7gQMEvrx2BQ3ZMNcnXoVJJP5md7SOjzIRZDWGsPqyr5_1d2H33CdCZdCDQpV6t8M96GGjSvovuA63w5uoETFifpX4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzgzMTg5NDU1OTAxNDYxNBj9-RM&sigh=C95L2leYuYg&uach_m=[UACH]&cid=CAQSOwDICaaNuMnsTn2k2Ue2wpQ0MKwp518HJ52Y5_4svhYMTmCH4-SIJqJtIZs4wpMUtpPOHxg8jCWii9XeGAE&cbvp=2&vis=1
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7362 0
126 B 107ms
34ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGOzZW-QFmAKdg2ICAgAAAHobFO5qgn2yEOBJPWXT4Ueu9n3BAR6ZAAASAAAKCkFRVURBUUVQQVE&wp=ZT1J4QABwxUH_Z7bAARL4AQct3swc6AL9-Ae1Q&cbvp=2

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:24 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 149491
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D192 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZT1J4QABwxUH_Z7bAARL4AQct3swc6AL9-Ae1Q&u=%7CO%2Bwi9sHu4NE8uN6tZqawNCWCzsNGHdpGCzMg7hkGzNk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC864lKxkyLNlbsWtiuWr-uU5j42gUDSK87A0Bwn2mnO_P8yH6r6wO12JO5ESl4VYAiRPDRTAr45euNqbRnJEtJXEJH7TZ6NM1y2F5weDf5mGO3-UwsHBDgPjmM3BAYJoMRLXSCOqRnhOP19OEaaSzajrQ08Vkbgi02WGnL2t4KlygknOFQ8UY427zdaD4M3UB-nVbSHg9UDlzKcyk793DfFJ77P81evjC_AWUe-CqQ-mcQREUTCPYM6qt3ewBCUwZnSkt-wmcFYm1k_P53JLLxRfBQ_2sVLNOP8pqNBMu3oiF1uPkBVx_EX_irYYLY3VqMXi1Eq0OVPInqREAljoICmQ3u0W42jQ8HCfOkMQYVGkGt2XLwRXk7jswKO9Hl95oHjKqC_7hiFZWW2tjTu-YOD-E1lfQmvaubuBeUL9oFxna3K0KyzSbg-YH-DS55smi0hFZU6R07co6YGz0Nx-rZ7w81P4c6IBOO-IM9As1MrJvf3JQAq5Vy5cuiIKPRu_jb3WdQAKF21Foh3FLCGgkzLIAkwNBOZUFIFULt5dD1opR58qOxqDjJzk8uAYsPiqOTNQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJoPm4Uk9ZZWGB9u99u8P4JeRgAfJntKxXKX8k_dwwI23ARABIABglYKAgJQHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTTIAQmpArTQghl_ubE-4AIAqAMByAMCqgSoAk_QR7er9WLu24gca5KwbRkA4zUvyzRC3x3ZYpTF24efjbhFy2GBhi5bkql8YP9MJc7PGwip6LBOLTu_cWXUJMM1eFnMgkO_gS6DdZfJWyGoB4E15ZL8e9qMxB_jP9ZXoXKU8C9fcNmyIi8EJjbPbO1X2dlTL-rcBXIvsInhTQ2kn08TPe_T3EM-mnTk3dcPpFZ29BScLa093Y0KYkPb0mhFX0C_VWfJiGLKKRlHwTXT-h_0y3tGFuuiQ7hJ6p2oZb2mpnwAr-Hy6BNP3MtYnX0AEl5CJ6VuWvMrmjvSgOKcNwsT7gQMEvrx2BQ3ZMNcnXoVJJP5md7SOjzIRZDWGoHo6yz_Rg26eaC60xti5K5bzdW6_Y-eD58gg0bIYBBCuNwPHdq-qPSO4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Dg2NjCEb8U35AaaGumsdXfGmG_g%26client%3Dca-pub-3831894559014614%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D192 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D192 308 B
636 B 39ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D192 293 B
621 B 39ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame D192 43 B
348 B 99ms
30ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=USRAHi_29M39v_Fr_DtWKUX9o9NdqyHGvSZFDKi_1pIMPgolkp8P3qng0LqR7cAWyPzy0bGT8bdHQ7dKtsaM8xnDpq1CRBmDIO2jZcNZgdy28lviinLpgIxEcW-Tlm_EP4VTsONh6XaUoqBckQD2YzJNHMjmoPxZwG10jo9pxPTaPrRG8DRfdqX8HxgHb_djLvQoGX0foPX4OrlQAsCLPbMpjXElHL77tVBPCHfYXQrpBLdl7PG8YYk0KO2J-oiwECVMII4sba2dmwcfXn75gmCIH1zrhmatWv1FvGizuMfTDYgJUsAsynjHKGnPf7usDNMSZEek8MWsjlIakkLJYYQyg4ZWLmeVN5v_fjgTzWJtmtb-rDedpD9dxeDau4q1edsm8yPLOqjf6MVtNl-tyVscl8apmPXLuSa7KK0ATBvdKL3e90pjvae7kjITdERps9D9eg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2458536
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 201B 22 KB
22 KB 72ms
72ms Image
image/jpeg 2a02:26f0:f700:9::58dd:5c12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215912943612_149SLPE7KBSDW40332&pid=21.2&c=16&roil=0&roit=0.1077&roir=1&roib=0.893&w=379&h=198&qlt=90
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:9::58dd:5c12 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a281b149ed96781d3826e941783e4187fd2ee230476379972072b3eb514843bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.12291202.1698515425.ff81e0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 22276
alt-svc: h3=":443"; ma=93600

GET
H2 200 th
www.bing.com/ Frame 6341 9 KB
9 KB 61ms
60ms Image
image/jpeg 2a02:26f0:f700:9::58dd:5c12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OAIP.df34028a0caa5d21afd18412de44d582&pid=AdsNative&c=3&w=200&h=105&qlt=90
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:9::58dd:5c12 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6b90f4e159f4f3d42aad2909457d9682607b57c246cbfaf45bffdeed0aa72fae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.12291202.1698515425.ff81e2
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9298
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 6341 0
533 B 109ms
31ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QLuA-juAQAAAwDWAAUBCOGT9akGEMbyuI70lJrNIhgAKjYJwKsRXOwcrD8R654l_QNFqz8ZAAAAwMzM-D8h6w0SACkRJNAxAAAAoJmZ2T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXi09gWAAQGKAQNVU0SSAQEG8MmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCG2h0dHBzOi8vd3d3LnRpa3Rva3N0YWxrLmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX-5N2Th7rItCzABQDJBQAAAAAAAPA_0gUJCQAABQ04ANgFAeAFAfAF7KBR-gUEAVwokAYAmAYAuAYAwQYJIyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHtPYF0gcNCREoASYI2gcGAV6kGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=3c1b6490b275a08813adc192c3874d9115b93f7b&bdref=https%3A%2F%2Fwww.tiktokstalk.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.tiktokstalk.com%2F,https%3A%2F%2Fed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
an-x-request-uuid: 442875b7-837d-4f2c-b8ba-152f4f37bae2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 201B 0
532 B 95ms
32ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QLuA-juAQAAAwDWAAUBCOGT9akGELzDn934laqQJBgAKjYJWu3xynOstj8ReTBWmVH-tT8ZAAAAoEfh_j8heQ0SACkRJNAxAAAA4FG43j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXil9wWAAQGKAQNVU0SSAQEG8MmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCG2h0dHBzOi8vd3d3LnRpa3Rva3N0YWxrLmNvbYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWarIalurfYn2fABQDJBQAAAAAAAPA_0gUJCQAABQ04ANgFAeAFAfAFgqgG-gUEAVwokAYAmAYAuAYAwQYJIyzwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpfcF0gcNCREoASYI2gcGAV6kGADgBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=c616cccea511099c4e51af35dd093c09d9162baa&bdref=https%3A%2F%2Fwww.tiktokstalk.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.tiktokstalk.com%2F,https%3A%2F%2Fed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
an-x-request-uuid: 6c5c15bb-e88b-42c5-bf70-34418c168a34
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D192 12 KB
6 KB 41ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D192 36 KB
36 KB 182ms
100ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Ffc5b2532e4ff4326a459f87c7b9b521f_eu_oveckarna_vertikalni_hneda.png&v=3&w=376&rid=4&s=9srsdIinTjH0XL4UcPJJ7VOy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0645cc7d00365d82fca97bd894afa236f1a39e4520935bf2b3705f08d07fafb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 36696
expires: Thu, 03 Oct 2024 11:26:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D192 22 KB
22 KB 151ms
70ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F7205_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=I5HXE70agGaBgMSqWI5tWVER&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

32414d567ed369b703973cf08eeaed4ca0d15b0fb89fc467e6348ca95ecd659c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 22538
expires: Sat, 04 Nov 2023 22:38:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D192 19 KB
19 KB 209ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=owQ2WY3CxCFUf4ETDUw4IY-t&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

80400bac369ea4484573731db58d2181679dda28b7cbcef7ee604353ad9a1335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19086
expires: Sat, 04 Nov 2023 21:55:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D192 8 KB
8 KB 196ms
116ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F8223_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=N_IPs4n-6NE_Daask-3I5aSk&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f75fccc8b3b87163bdfe20f3c749091f09714d35a0018d1a2b40715a178c3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 7804
expires: Sat, 04 Nov 2023 12:16:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame D192 10 KB
10 KB 208ms
128ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=8FTw8xYojgkpP_qJ47L5XP6V&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f844a694de00e43f374e97c780f362c274bd6084665c9d7a523250054b890300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 10210
expires: Sat, 04 Nov 2023 12:47:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D192 0
128 B 112ms
38ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WiMw3Wx_b7xxNYl2OsSXeRSx2Q6bfnmFYxCKN7VIrc9e2_rlt3KbGQAJqv6jSGK1guIjwH-bWIvsEbyWFf_a56Ah8sAGTKqAYgfUJdcp3_Uwx22IzXUqXqygudzdQgM_f-JAlyQhjEodK_2ZHEG67PvbAA9gN1E6YMK4BiYXKgqdATf8gkaEpmcPfv6gkvyacvKUmmN9aImsWbvOlNiqOk9I74V-RGUB0D6lxbdaxw_NLsxSUz45CAV1-2odIfgCauJxkw&sds=2&rev=89054&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 17:50:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D192 2 KB
1 KB 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D192 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 22 Oct 2024 17:50:25 GMT

GET
H3 200 container.html Show response
ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4790 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079073

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tiktokstalk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:24 GMT
expires: Sun, 27 Oct 2024 17:50:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 131ms
131ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=3.59&b=2&r=tiktokstalk.com_auto_interstitial_desktop&sy=0b00291d-62f7-49d7-bba1-14ed076a3bb6&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.tiktokstalk.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=15fb51f4-807d-4151-a910-2e91b99dd249&e=lm&dsReferer=dGlrdG9rc3RhbGsuY29tLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v17.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-nf-request-id: 01HC75FMPXAP9QXVE4613QWNQA
date: Sat, 28 Oct 2023 17:50:26 GMT
cf-cache-status: HIT
age: 1736243
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "21c8841ebef55ccccd0fc71b96dfbd5f-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 81d50563dff165c5-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame 4790 4 KB
767 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 16:59:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4D2D 6 KB
779 B 36ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 16:26:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 4D2D 2 KB
825 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:14:38 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/ Frame 4D2D 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:14:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 4D2D 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 12:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 12:30:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EDA1 1 KB
643 B 31ms
30ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sun, 29 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 4D2D 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 14:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8426
x-xss-protection: 0
server: cafe
etag: 17696348727749479825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 14:17:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4D2D 0
0 32ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRw_PDNJYFxrAU_AG67fIe5FjFKksoYV4ibPOSPTsFXREKbbTqyW34iY9Kmlf90iB5FRpGIrMB6_S8QF-Q_39AsumblhA
Requested by: Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D2D 187 KB
59 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60190
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698233972131352"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 17:50:25 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 4D2D 36 KB
15 KB 82ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 16:29:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 17:18:51 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/ Frame 4790 20 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Nov 2023 16:35:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4790 205 B
519 B 82ms
27ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 12:23:43 GMT
x-content-type-options: nosniff
age: 106003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Oct 2024 12:23:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4790 604 B
695 B 82ms
28ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 13:59:43 GMT
x-content-type-options: nosniff
age: 100243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 26 Oct 2024 13:59:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310230101&jk=1642748965955056&bg=!SkmlSQbNAAbo5yKYyOc7ADQBe5WfOByZFQjxb8naY4CNIr2rGaBUOxikRBIJuqJ1MKCOjFaAPHVcS4P4Y-ifLUSX4vuYAgAAAGVSAAAAA2gBB5kCs_i84aNWMVU43jcZQTyW4e1qoVkfpaZkIV-Bw1VRr1Sm30KIV0mGQy4l07HP_YxRMvFFsMhEVD_LWvJ9qetkQX4UsqxL6OedZlXB4uCmTFLprFBotAqy6wf_amwb4ky7VjCOyU7oHZutfYFhWMujCuXvqo9LFemSueWu4H4-uHy74yr_uIltjFfZBOoRC21oo7xf0f5Z78w6p1WUSUVeQiR4i-MlCtF2kEDFwZauwFTCRAJ86oaGWei66vKTfTQvHvUbf5t0OvorQbKBCm_WESDzeoEhxruq8bVIyWGC2o7jR02EL7I_jTeO8zorWBMRMSz3UeB6iANCxQJmJQWRajjmijLgiND1Hvg4YRH1XQLMYHisDOC16FOVqz3E4hYTE4leOWWWDNff86mYStOJ9LhLz6qw6lALW9eO8xUKKUMTJihAcZKhPA8bTq8O5xh1ZG_gUdpkwlfIcsBx6tFH1J34-HXlHJHzvrevD8tzPbeNhE4d_KxXmezWhv_EO8WPNah6TjOHjMEQCL852gT7WuWE8HzkMpYw8f5yI8Ch1CfKHHEuJDclfDAenDZikePL_i8WFZmc2mWtE1EGvPYW1985va3yk_KdxdqWIr6_SEZs_UUFH4ALJLoMw6-DECyp9sVA-CKdMOnF_ZmI2zaBf8iQ1dGoMg6sU7Pv3ARJrH_CxXijcIxzVnfRsM2Wi_W4Hvbv5SQGWjVZVickIBxr_1WpmVLL7VThcm7zDj8GGdYseDjQji-HtrFPZ7JcYMXy4VwDESq_tAsPSTQRqp4_XShwZuiZgrOSjaYmyt-4JJz4bVjz_mPv0QopyOaQNv_I37VHwcDa7jHUONeke5eXRZVBcVWefsncCPg2mQYST90xIX5Oag-vqzcobWE3ltI8eyUoR1OfxJfxlpBKUOa-_gxHN_E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tiktokstalk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9C5C 1 KB
643 B 23ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sun, 29 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6341 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60240e59da7c6f28c3aac80db5615d8050ba04de2e573ae19259c0ff0a0ddfbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1ADB 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 02:22:07 GMT
etag: 48472445140208031
expires: Sun, 29 Oct 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 201B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01f19f2599699fcc6443decf2d5af0ecda41510ea275a56c310d918a49077ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6341 0
582 B 32ms
31ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCOGT9akGEMbyuI70lJrNIhgAKjYJwKsRXOwcrD8R654l_QNFqz8ZAAAAwMzM-D8h6w0SACkRJNAxAAAAoJmZ2T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXi09gWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIbaHR0cHM6Ly93d3cudGlrdG9rc3RhbGsuY29tgAMAiAMBkAMAmAMJoAMBqgOSAwqsAmh0dBUx8J9iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02MTAwMjk5Yi01M2Q1LTRjZTMtYjMxYy1lZmFiNGE3NDBkYTQmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZynm0ANHJ0eXBlPW51cmwmdGFnATZsOTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8GllcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjQ5MzQyMDQxMTI3NTg1MjEwMiIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpOekl5T1RNeE5UUXdOVFV6TlRrak56BRQYMk9UZzBNegEM8EZZPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBEVUWIgFAZgFAKAF_uTdk4e6yLQswAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXsoFH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe09gXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1844d44a959c2a224074589a10b82f83bc27b2ef&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sid=2725849271923869779&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=728&ph=90&ww=728&wh=90&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
an-x-request-uuid: 8bf94add-ac42-4fbe-a018-bdbe56632b1a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 201B 0
582 B 31ms
30ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QKMB-iMAwAAAwDWAAUBCOGT9akGELzDn934laqQJBgAKjYJWu3xynOstj8ReTBWmVH-tT8ZAAAAoEfh_j8heQ0SACkRJNAxAAAA4FG43j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXil9wWAAQGKAQNVU0SSAQEG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCG2h0dHBzOi8vd3d3LnRpa3Rva3N0YWxrLmNvbYADAIgDAZADAJgDCaADAaoDmgMKsAJodBkx8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05YmU3MWQ2NC03NDFiLTQxNjctYTE4Zi1jZTQ4NjJhODkyZDYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOY5xALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzI2MDMyNjYwNTY1MzU5MjUxODAiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJMk16WTNPVFF5TVRRMU9UZ2pNak15TkRRek5qTXdNRGt5TURVeU1BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFmqyGpbq32J9nwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFgqgG-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpfcF0gcNCS4mAAzaBwYICS-kBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=47da485a4c390de9a5b239a717df213723803b7d&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=478&bh=250&sid=2725849271923869779&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&sw=1600&sh=1200&pw=970&ph=250&ww=970&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
an-x-request-uuid: 5765ac06-efce-446e-9da9-7d3f5ade0cbe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6341 0
0 66ms
65ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYjtB4Uk9ZbO8C7qP9u8P_sCJiAvS4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSjAk_QoLFbp0MauQPgH79ax3xtrb-3vQvo3Tq_vUQ3Kimeya7MFYGTHHD2x2n5vbzi1vh0IH7Dm1gpv1-bFCa0_UtA-Oe7g87nst5nUMbwKuKfc8T4kGNCJeB8N0SYUbGtyUcwKjR5ioorpMBCKoj59Y2juPbmU7Vdj44CD-4CE8AFvAAv9b4_Csn60OwioFFvJ_9-gqb1IfbXA8sfLaOzuMqTPvm5tBfbLYZuGfbxwIetcsqrUoMH4FAb2hqXgisN7xQ5tK2fqsG6d2FjEYlzEhz1TtycbprPMopsoOGTJbvFHis_Uv_9qGqm6QaFIiTug8GajplB9v6wBB3FZbhbedKgOQSDJ4Th9rcAW2qNdD9JiO_gT0FmErzLnEkhMwNNl8fPweAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=IFY7BENhISg&uach_m=[UACH]&cid=CAQSPADICaaNNknY_XBnrtRZNYQ59W1NCWMaPZC41G3yE75S1jxY7N2JMqF4Gn3yrc_vvTfEcB2IWJLFDZrgIhgB&cbvp=2&vis=1
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 6341 0
533 B 31ms
31ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCOGT9akGEMbyuI70lJrNIhgAKjYJwKsRXOwcrD8R654l_QNFqz8ZAAAAwMzM-D8h6w0SACkRJNAxAAAAoJmZ2T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXi09gWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIbaHR0cHM6Ly93d3cudGlrdG9rc3RhbGsuY29tgAMAiAMBkAMAmAMJoAMBqgOSAwqsAmh0dBUx8J9iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02MTAwMjk5Yi01M2Q1LTRjZTMtYjMxYy1lZmFiNGE3NDBkYTQmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZynm0ANHJ0eXBlPW51cmwmdGFnATZsOTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8GllcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjQ5MzQyMDQxMTI3NTg1MjEwMiIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpOekl5T1RNeE5UUXdOVFV6TlRrak56BRQYMk9UZzBNegEM8EZZPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBEVUWIgFAZgFAKAF_uTdk4e6yLQswAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXsoFH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe09gXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1844d44a959c2a224074589a10b82f83bc27b2ef&pp=ZT1J4QAC3jMH_Ye6AAJgfp0zQhDA-Q7f9nHyCw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnYmj4Uk9ZbO8C7qP9u8P_sCJiAvS4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSmAk_QoLFbp0MauQPgH79ax3xtrb-3vQvo3Tq_vUQ3Kimeya7MFYGTHHD2x2n5vbzi1vh0IH7Dm1gpv1-bFCa0_UtA-Oe7g87nst5nUMbwKuKfc8T4kGNCJeB8N0SYUbGtyUcwKjR5ioorpMBCKoj59Y2juPbmU7Vdj44CD-4CE8AFvAAv9b4_Csn60OwioFFvJ_9-gqb1IfbXA8sfLaOzuMqTPvm5tBfbLYZuGfbxwIetcsqrUoMH4FAb2hqXgisN7xQ5tK2fqsG6d2FjEYlzEhz1TtycbprPMopsoOGTJbvFHis_Uv_9qGqm6QaFIiTug8GajplB9v6wBB3FZbgZe_My-6B5ShAbggKeAu47cBxDDObOV5jElOVPIMkLHxuNFiWiVV55CuAEAYAGwNKfhsi4sfjxAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0XszGM5Hdw_3mlaAjtmsQ6LrrM8g%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
an-x-request-uuid: 5dd06186-6bf7-4d34-99e1-9d3267198ab9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 201B 0
0 67ms
66ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRTQp4Uk9ZbWiBPjT9u8P2uey4AjS4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSrAk_Qu3vx34uwhZC1wyvqfAZm0wD70bML2fqYLnYK4leHnLpxl0DflHr6LSElfFCWiiDGHSnrL5Rvew0UFIrkYSxi9EDB_Jo6PfiDB0gcwh29B4wqc73_fezQzVDMrveyerMwnyHnG5sjXEbJkejolUCI5uodvLPZM9Zu7jod1B3xJ0EECghVT6tJvrPXyAtiDl5Gw7ANvM-AJ2c9qOmeporlPNgPnh4fuodvuU2NsOv1OWY-2VY-QbqH3HqulYq-gCXZQYAj6WVCOCaba0YX0b7u5THuxGi8aoNW49d4JrF-qXVSUsMYGOQNXpeFZa27ks3c1TEu2l1aGj7meGbOmKrx6Ms5J_vzmJcaX6tMFTrdf2EpBlZqgzZ76usIapEYbvHrMwF8FiZsAmhn4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=G7ALPGbJqJA&uach_m=[UACH]&cid=CAQSPADICaaNj2vLQfGYbEJCxlcQcZmZoK2R4CSStjAqdjPuG76R7D31cz9MbwsmMZLLLtv4E_nYHMysF15eexgB&cbvp=2&vis=1
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 201B 0
532 B 31ms
31ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QKMB-iMAwAAAwDWAAUBCOGT9akGELzDn934laqQJBgAKjYJWu3xynOstj8ReTBWmVH-tT8ZAAAAoEfh_j8heQ0SACkRJNAxAAAA4FG43j8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXil9wWAAQGKAQNVU0SSAQEG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqPAMeoCG2h0dHBzOi8vd3d3LnRpa3Rva3N0YWxrLmNvbYADAIgDAZADAJgDCaADAaoDmgMKsAJodBkx8IZiaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD05YmU3MWQ2NC03NDFiLTQxNjctYTE4Zi1jZTQ4NjJhODkyZDYmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMSZvQWRVbml0PTMJXFRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4AOY5xALhydHlwZT1udXJsJnRhZ0lkPTY5MzI1OTQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZ9CoBcGJhZ2VieSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzI2MDMyNjYwNTY1MzU5MjUxODAiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpJMk16WTNPVFF5TVRRMU9UZ2pNak15TkRRek5qTXdNRGt5TURVeU1BPT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFmqyGpbq32J9nwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFgqgG-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAJPXwAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHpfcF0gcNCS4mAAzaBwYICS-kBwDqBwIIAPAH0aIEiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=47da485a4c390de9a5b239a717df213723803b7d&pp=ZT1J4QABETUH_an4AAyz2mbDKia9GKuF4Koj7w&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfBhz4Uk9ZbWiBPjT9u8P2uey4AjS4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0zODMxODk0NTU5MDE0NjE0yAEJ4AIAqAMByAMCqgSuAk_Qu3vx34uwhZC1wyvqfAZm0wD70bML2fqYLnYK4leHnLpxl0DflHr6LSElfFCWiiDGHSnrL5Rvew0UFIrkYSxi9EDB_Jo6PfiDB0gcwh29B4wqc73_fezQzVDMrveyerMwnyHnG5sjXEbJkejolUCI5uodvLPZM9Zu7jod1B3xJ0EECghVT6tJvrPXyAtiDl5Gw7ANvM-AJ2c9qOmeporlPNgPnh4fuodvuU2NsOv1OWY-2VY-QbqH3HqulYq-gCXZQYAj6WVCOCaba0YX0b7u5THuxGi8aoNW49d4JrF-qXVSUsMYGOQNXpeFZa27ks3c1TEu2l1aGj7meGbOmKrx6Ms5J7nxuQXY-1EhgcCpyv9wguBuoDz_48UQszOeN3VXsytQDubt4AXz6CiI4AQBgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_28SlvJRq9OCS722W7WoVRrvjOrvw%26client%3Dca-pub-3831894559014614%26adurl%3D&cbvp=2

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
an-x-request-uuid: de9ad6cd-1754-40dd-bb3a-29b69a466067
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDA1
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFQqfZuyPOc-LT7Pb_q3s6w&google_cver=1&google_push=AXcoOmTWhZKgs43KPhatzlz-unhILYgU92XcmJxT75BkmWPBH_kLnP4IXv-MwnehBIinmAoQREYy7rZ1Mnq...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTWhZKgs43KPhatzlz-unhILYgU92XcmJxT75BkmWPBH_kLnP4IXv-MwnehBIinmAoQREYy7rZ1Mnq4R2EU6lvr6CkEm00w

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTWhZKgs43KPhatzlz-unhILYgU92XcmJxT75BkmWPBH_kLnP4IXv-MwnehBIinmAoQREYy7rZ1Mnq4R2EU6lvr6CkEm00w

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTWhZKgs43KPhatzlz-unhILYgU92XcmJxT75BkmWPBH_kLnP4IXv-MwnehBIinmAoQREYy7rZ1Mnq4R2EU6lvr6CkEm00w
Date: Sat, 28 Oct 2023 17:50:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDA1
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESENNPVt8Jp-Y0JIe0UuRc1GI&google_cver=1&google_push=AXcoOmT3V6Rjeyr9gqVkXFTg7MN6fRCngUK9F_x3aDbB_lTyFM0pwqv3C7-LPLW4qVftXauBKi-p75JjCLOq71k_aGtc1y4jde3_
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Tms5cHFRWHZDRGkxVFY5czQwazlaUQ%3D%3D&google_push=AXcoOmT3V6Rjeyr9gqVkXFTg7MN6fRCngUK9F_x3aDbB_lTyFM0pwqv3C7-LPLW4qVftXauBKi-p75JjCLOq7...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Tms5cHFRWHZDRGkxVFY5czQwazlaUQ%3D%3D&google_push=AXcoOmT3V6Rjeyr9gqVkXFTg7MN6fRCngUK9F_x3aDbB_lTyFM0pwqv3C7-LPLW4qVftXauBKi-p75JjCLOq71k_aGtc1y4jde3_

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Oct 2023 17:50:27 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Tms5cHFRWHZDRGkxVFY5czQwazlaUQ%3D%3D&google_push=AXcoOmT3V6Rjeyr9gqVkXFTg7MN6fRCngUK9F_x3aDbB_lTyFM0pwqv3C7-LPLW4qVftXauBKi-p75JjCLOq71k_aGtc1y4jde3_
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 243

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDA1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELBHAy5oUxtAHbn0nAt0Xw0&google_cver=1&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7WFL...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELBHAy5oUxtAHbn0nAt0Xw0&google_cver=1&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM2Nzc4MjUyOTU3NDQ4NzY0Ng&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7W...

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM2Nzc4MjUyOTU3NDQ4NzY0Ng&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7WFLemM7KwL4ChdgTnoJrZ0

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM2Nzc4MjUyOTU3NDQ4NzY0Ng&google_push=AXcoOmSd0VYUpo3_Xs4pqtKSyg8N99VRTwwqwU4BCkvMG6QcGU2DnDg1GoSb5pMyDUqoUR-7Wx9N7WFLemM7KwL4ChdgTnoJrZ0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDA1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEK4WOUt89xq9oeBPIiPEstM&google_cver=1&google_push=AXcoOmTLKgpZLHTtaSo3g6Rg3J_7aANAnL30vcLM0JxD1EwwOA3Nw31zGGTWZex_2VDE-ldLVLxx3Ws1V2X-fG2...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTLKgpZLHTtaSo3g6Rg3J_7aANAnL30vcLM0JxD1EwwOA3Nw31zGGTWZex_2VDE-ldLVLxx3Ws1V2X-fG...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTLKgpZLHTtaSo3g6Rg3J_7aANAnL30vcLM0JxD1EwwOA3Nw31zGGTWZex_2VDE-ldLVLxx3Ws1V2X-fG2xtp5zhxKlvcQ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTLKgpZLHTtaSo3g6Rg3J_7aANAnL30vcLM0JxD1EwwOA3Nw31zGGTWZex_2VDE-ldLVLxx3Ws1V2X-fG2xtp5zhxKlvcQ
Date: Sat, 28 Oct 2023 17:50:26 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H2 200 ebda
match.360yield.com/match/ Frame EDA1 43 B
199 B 200ms
47ms Image
image/gif 63.32.198.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEKvatT5otK0C9pAc8d2vg2Q&google_cver=1&google_push=AXcoOmTbsbH01lBqCYlZMEaD1hn5NMybW6ZVj6R5omPcl16tAJ-ALFAAwFZyh9H0c2qohb1DOc3XarlwDkP1ghP17sqbkFOo9UES
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.32.198.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-198-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 17:50:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDA1
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKV71fjCQCLSlo_FnS8DGJw&google_cver=1&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoqV
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoq...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ0NzcwMzk4ODk5MzA4NDgxNzMzMQ%3D%3D&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ0NzcwMzk4ODk5MzA4NDgxNzMzMQ%3D%3D&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoqV

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ0NzcwMzk4ODk5MzA4NDgxNzMzMQ%3D%3D&google_push=AXcoOmR_J9-fXpzSygaMSqe43gUELk_vLi-bx2Ko0u9JtYszx64TYm25WzIH105CpsJyFT9SmxC3LIGUbCMlu_dem-KiGf_QNoqV
date: Sat, 28 Oct 2023 17:50:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDA1
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESELi8aJZjn7jsnXDe8uf49cE&google_cver=1&google_push=AXcoOmSDzRZ2DlJ3GvItO4MHD2_4fZukQZyLqiJ0BZmpgE7PzvyYT0DJCVx-g9RrMt-0sF0WfDPVW...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSDzRZ2DlJ3GvItO4MHD2_4fZukQZyLqiJ0BZmpgE7PzvyYT0DJCVx-g9RrMt-0sF0WfDPVW6TDUkh2Hq-mcZ7SKjM2BoMe&google_hm=N25zTVJISi1lRXlC...

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSDzRZ2DlJ3GvItO4MHD2_4fZukQZyLqiJ0BZmpgE7PzvyYT0DJCVx-g9RrMt-0sF0WfDPVW6TDUkh2Hq-mcZ7SKjM2BoMe&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Oct 2023 17:50:26 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmSDzRZ2DlJ3GvItO4MHD2_4fZukQZyLqiJ0BZmpgE7PzvyYT0DJCVx-g9RrMt-0sF0WfDPVW6TDUkh2Hq-mcZ7SKjM2BoMe&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EDA1 0
12 B 30ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Loo9kYz_DqkF3KJvuUK8w2GcX2OFkUIkxqOZa9MK5ex6pT8IOdGLPxtDkY57fkyRLpPnftgg

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECfgu0hRguKsvq8VyVZ4gLs&google_cver=1&google_push=AXcoOmQyVrtjkG60pyHYzmGMyDk1ZqBJ2VMbGgYexeLRGuX7ZQKB4eO8wjfqcHqLqKUa67BHKoDqVkCafOR...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQyVrtjkG60pyHYzmGMyDk1ZqBJ2VMbGgYexeLRGuX7ZQKB4eO8wjfqcHqLqKUa67BHKoDqVkCafOR9ELxamZHzCBgtFkzS&google_hm=IZ2J9wrHS7WhxIh0XRGN1ho

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQyVrtjkG60pyHYzmGMyDk1ZqBJ2VMbGgYexeLRGuX7ZQKB4eO8wjfqcHqLqKUa67BHKoDqVkCafOR9ELxamZHzCBgtFkzS&google_hm=IZ2J9wrHS7WhxIh0XRGN1ho

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQyVrtjkG60pyHYzmGMyDk1ZqBJ2VMbGgYexeLRGuX7ZQKB4eO8wjfqcHqLqKUa67BHKoDqVkCafOR9ELxamZHzCBgtFkzS&google_hm=IZ2J9wrHS7WhxIh0XRGN1ho
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBi2q2gsQBVy-6Nz_qICGEA&google_cver=1&google_push=AXcoOmSrZgKkqOrg0dPoj8Q5A0zfaO1Q7CrZp71AfPxeBdrSjg3xNRuI6SM1PCQ2SJUQhjXyyGlM85zH7La3Ez...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTA2ODIwNjQyOTEwODM3MA%3D%3D&google_push=AXcoOmSrZgKkqOrg0dPoj8Q5A0zfaO1Q7CrZp71AfPxeBdrSjg3xNRuI6SM1PCQ2SJUQhjXyyGlM85zH7La3EzugGT...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTA2ODIwNjQyOTEwODM3MA%3D%3D&google_push=AXcoOmSrZgKkqOrg0dPoj8Q5A0zfaO1Q7CrZp71AfPxeBdrSjg3xNRuI6SM1PCQ2SJUQhjXyyGlM85zH7La3EzugGTgR6zBzcrpz

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NTA2ODIwNjQyOTEwODM3MA%3D%3D&google_push=AXcoOmSrZgKkqOrg0dPoj8Q5A0zfaO1Q7CrZp71AfPxeBdrSjg3xNRuI6SM1PCQ2SJUQhjXyyGlM85zH7La3EzugGTgR6zBzcrpz
Date: Sat, 28 Oct 2023 17:50:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRMkF...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cUhuom1NfpGk2jLFENA_fqDuKtW5FffrNv9Y8g&google_push=AXcoOmRMkFzlLSaeAIZbLfSqsvpuG5WLWVqemfQJJRjr7ndQ2VOKUv-nkeSjn3LKhIVHjogibdOQJOC29gh0...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cUhuom1NfpGk2jLFENA_fqDuKtW5FffrNv9Y8g&google_push=AXcoOmRMkFzlLSaeAIZbLfSqsvpuG5WLWVqemfQJJRjr7ndQ2VOKUv-nkeSjn3LKhIVHjogibdOQJOC29gh0VAGFDc4ou5x1wsTU

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-cUhuom1NfpGk2jLFENA_fqDuKtW5FffrNv9Y8g&google_push=AXcoOmRMkFzlLSaeAIZbLfSqsvpuG5WLWVqemfQJJRjr7ndQ2VOKUv-nkeSjn3LKhIVHjogibdOQJOC29gh0VAGFDc4ou5x1wsTU
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 583536
content-length: 0
expires: Sat, 28 Oct 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELA5s6llDU_RJkxb1dDibrs&google_cver=1&google_push=AXcoOmTnsuuj1AbxmOyTjZs_TIt-QUzTdn3NDYCsOzsbWKq8wHkO3iYNoKDX4W1cRZzEbct_3RDh_0XERCLQDk6...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTnsuuj1AbxmOyTjZs_TIt-QUzTdn3NDYCsOzsbWKq8wHkO3iYNoKDX4W1cRZzEbct_3RDh_0XERCLQDk...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTnsuuj1AbxmOyTjZs_TIt-QUzTdn3NDYCsOzsbWKq8wHkO3iYNoKDX4W1cRZzEbct_3RDh_0XERCLQDk6mrd2RZmxXqtU

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=WuEUFV1iVYR8wfKsH_kNm9ly2ho&google_push=AXcoOmTnsuuj1AbxmOyTjZs_TIt-QUzTdn3NDYCsOzsbWKq8wHkO3iYNoKDX4W1cRZzEbct_3RDh_0XERCLQDk6mrd2RZmxXqtU
Date: Sat, 28 Oct 2023 17:50:26 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 9C5C 42 B
233 B 346ms
113ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFanfVpDIohoumGn2aM4-Tg&google_cver=1&google_push=AXcoOmRIQadH4_4WKeyrJgBw5LUNAiUgFmf-wN8sdeTB6grns4imaQ7WnA7e2_41wJHknnbldRZFzfycGtt79EDl7NGYuZji280
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Oct 2023 17:50:26 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 9C5C 0
236 B 192ms
42ms Image
text/plain 2600:9000:211e:5c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED4Ek2FM2wjujPMfcr4fVyo&google_cver=1&google_push=AXcoOmRZ8vBy1kR9LT4xp4Q2JTnT2XUnzYCF_1AFMNOj0QPkR3iKkV3hN3fLemya7onAxV3K0oi6q8yKj7EsobPoPWs_V1i-ERvp
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:26 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: icYluw8vkeLl4wauW37kYUkWmsDEMA-DwcdrLGXipxJOtCg876yc3Q==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C5C
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEJhsf7VNVcgzOzvZuLf1FHI&google_cver=1&google_push=AXcoOmRJXyKMzwYhBOr94uLgtX7-3enr7PK6WIgT1rNtB0PGRixIc9OZRf4TvNMjonzeKLPMRDUzzZ9lQv6ZqfwMp_fNXy0...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRJXyKMzwYhBOr94uLgtX7-3enr7PK6WIgT1rNtB0PGRixIc9OZRf4TvNMjonzeKLPMRDUzzZ9lQv6ZqfwMp_fNXy0cnB-lRA&google_hm=NjE3OTk3M...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRJXyKMzwYhBOr94uLgtX7-3enr7PK6WIgT1rNtB0PGRixIc9OZRf4TvNMjonzeKLPMRDUzzZ9lQv6ZqfwMp_fNXy0cnB-lRA&google_hm=NjE3OTk3MDMwODM1NjgyMTYx

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmRJXyKMzwYhBOr94uLgtX7-3enr7PK6WIgT1rNtB0PGRixIc9OZRf4TvNMjonzeKLPMRDUzzZ9lQv6ZqfwMp_fNXy0cnB-lRA&google_hm=NjE3OTk3MDMwODM1NjgyMTYx
Date: Sat, 28 Oct 2023 17:50:26 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9C5C 0
12 B 32ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJo5C1Ewe04GO17pUsTLOey1yVj9AERpV5tKxLzyhrZrGxMBc2m0y_WaYRWUW9h_fwz_D-_A

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1ADB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELmOEfwaRGK5lkS_Jej2yQk&google_cver=1&google_push=AXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELmOEfwaRGK5lkS_Jej2yQk&google_cver=1&google_push=AXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQ...

43 B
436 B

186ms
185ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELmOEfwaRGK5lkS_Jej2yQk&google_cver=1&google_push=AXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81d505676ff8bbcd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 214
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELmOEfwaRGK5lkS_Jej2yQk&google_cver=1&google_push=AXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTl981xrH1Y-DunEchg0rCJrb_DlpGABYcqOSBTel61OMyaF_l7eGaAHkCudRkcgEomx3uotkwoqLBymVq2zrovm_ApCsQp%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81d505663dffbbcd-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESED2O_s5wxenLaa7PWjAQ4QQ&google_cver=1&google_push=AXcoOmQ9vxyttmmQJGZ79znofpupgzqUzucwZ6Og4SmT5B7sk3mc8VVyMwf-I4tRhvPbVdh-ulFzc...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9vxyttmmQJGZ79znofpupgzqUzucwZ6Og4SmT5B7sk3mc8VVyMwf-I4tRhvPbVdh-ulFzcSLSc3fjeHCsy52piXoZcx-q

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9vxyttmmQJGZ79znofpupgzqUzucwZ6Og4SmT5B7sk3mc8VVyMwf-I4tRhvPbVdh-ulFzcSLSc3fjeHCsy52piXoZcx-q

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Oct 2023 17:50:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C92A96605F2A4148A7ED77B8B875835D Ref B: FRAEDGE1920 Ref C: 2023-10-28T17:50:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQ9vxyttmmQJGZ79znofpupgzqUzucwZ6Og4SmT5B7sk3mc8VVyMwf-I4tRhvPbVdh-ulFzcSLSc3fjeHCsy52piXoZcx-q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYIynCh6pEdtQ7kVLOc9Q==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESENzMlHr_OtKdB21hP0P_Bq0&google_cver=1&google_push=AXcoOmS9IywusX9ldVkArx1GZMiEMftncPYDtBq4h2NYBDyN1PpXs15K5xXjywAf3_i_8lnuFl4jj41cZsKlgK5_fDGchtpbBQk
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDhEMEExMTY0NkNDMTdFNQ==

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDhEMEExMTY0NkNDMTdFNQ==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NDhEMEExMTY0NkNDMTdFNQ==
date: Sat, 28 Oct 2023 17:50:26 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENCLiwH6gyE42kwORhG37QY&google_cver=1&google_push=AXcoOmQidT_JhzPU78v7UBClMyZ1nabaMd09k8HMjGGggk1BKpwvcxTj_zN0BYngfLuDZN3-Ovmh_hqhkHLHp27M...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmQidT_JhzPU78v7UBClMyZ1nabaMd09k8HMjGGggk1BKpwvcxTj_zN0BYngfLuDZN3-Ovmh_hqhkHLHp27MrT7jekk09YL2

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmQidT_JhzPU78v7UBClMyZ1nabaMd09k8HMjGGggk1BKpwvcxTj_zN0BYngfLuDZN3-Ovmh_hqhkHLHp27MrT7jekk09YL2

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Oct 2023 17:50:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9jD_1WhyQtcZIF1FuCHLHA&google_push=AXcoOmQidT_JhzPU78v7UBClMyZ1nabaMd09k8HMjGGggk1BKpwvcxTj_zN0BYngfLuDZN3-Ovmh_hqhkHLHp27MrT7jekk09YL2
x-host: tde-deliveryengine-production-5bf79cd4ff-7xc5d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEHlAeyVfAnFPWhB8O-mXPu0&google_cver=1&google_push=AXcoOmR5ZTb6-WheYAOPEEjeODCTO0BoYNPg2HNetHjW3QFeC3nGWBT9PYe0e-P2p59x3-BBwsfJCCOmiKww-...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5ZTb6-WheYAOPEEjeODCTO0BoYNPg2HNetHjW3QFeC3nGWBT9PYe0e-P2p59x3-BBwsfJCCOmiKww-uAy50hEX3qOyCNa&google_hm=N25zTVJISi1lRXlCcUVC...

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5ZTb6-WheYAOPEEjeODCTO0BoYNPg2HNetHjW3QFeC3nGWBT9PYe0e-P2p59x3-BBwsfJCCOmiKww-uAy50hEX3qOyCNa&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 28 Oct 2023 17:50:26 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmR5ZTb6-WheYAOPEEjeODCTO0BoYNPg2HNetHjW3QFeC3nGWBT9PYe0e-P2p59x3-BBwsfJCCOmiKww-uAy50hEX3qOyCNa&google_hm=N25zTVJISi1lRXlCcUVCRzJwaVE=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENyUBKTgU5Q_jdYzmf4Pss0&google_cver=1&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda98...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda980KIMsDjrK0gJrP-91wv8sf_&google_hm=WlQxSjQ4Q28...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda980KIMsDjrK0gJrP-91wv8sf_&google_hm=WlQxSjQ4Q281czhBQUREZm5ib0FBQUFB

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 28 Oct 2023 17:50:27 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESENyUBKTgU5Q_jdYzmf4Pss0&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda980KIMsDjrK0gJrP-91wv8sf_&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZT1J48Co5s8AADDfnboAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad258"}
X-SO-Key: ZT1J48Co5s8AADDfnboAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad258
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmQ_M9bKkwTdEkyYeHQYqJcKZVanJ6cOtKBtBDlXtIe2XIlzoLsUyiOjUQ1O4Unwl6Aijda980KIMsDjrK0gJrP-91wv8sf_&google_hm=WlQxSjQ4Q281czhBQUREZm5ib0FBQUFB
Cache-Control: private
X-SO-HostName: m-ad258.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp
X-SO-IP: 217.114.218.26

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 1ADB 42 B
233 B 342ms
112ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEInPSqGI-J5yA58mTFbZu6A&google_cver=1&google_push=AXcoOmRadPylduELswSck1RXc_BcQ_12KFfMHFUvFznMKTwVGMdTFRAoUWMglpXDPIHEtlm5Bo9OrfMcLehi98I8TXivkhuV7TNP
Requested by: Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Oct 2023 17:50:26 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1ADB 0
12 B 30ms
29ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjTFahNGb8M3kMZRePrEPTp2CymDZDYtMevJUBQNuC8Ag9u5WairI8kpDQTrJtG9PhQZ5wGA

Requested by

Host: ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 FZ9XXdmvjlIvw6QJ2t2pvLscGtIfNwGGEz70b-Okwhc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F64 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FZ9XXdmvjlIvw6QJ2t2pvLscGtIfNwGGEz70b-Okwhc.js

Requested by

Host: www.tiktokstalk.com
URL: https://www.tiktokstalk.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

159f575dd9af8e522fc3a409dadda9bcbb1c1ad21f370186133ef46fe3a4c217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 14:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15148
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 14:07:59 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7362 42 B
174 B 128ms
128ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLeFotMjwFFM-J83Eil6HX195K_IrnAo_eX4DkT4CeX_fToFH0_ksPCQ89nDnqtKLK9F76GPfGTrxSJ4_ZwOYD31Mt6X1cjUfjUV8&sig=Cg0ArKJSzNo0OJBhzgdWEAE&id=lidar2&mcvt=1000&p=487,430,767,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3707072078&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698515425498&rpt=177&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 6341
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ddacb16a-a796-4436-937f-be224d0aa718&bidId=1&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=6100299b-53d5-4ce3-b31...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4ef70c0529784b7081257d5b1b0de2c4&tids=1&med=10

0
18 B

96ms
96ms

Image
text/plain

2a02:26f0:f700:9::58dd:5c12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4ef70c0529784b7081257d5b1b0de2c4&tids=1&med=10
Protocol: H3
Server: 2a02:26f0:f700:9::58dd:5c12 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0FFB999925104CC5B6F5EBDD6F53FDC6 Ref B: FRAEDGE1412 Ref C: 2023-10-28T17:50:27Z
x-cdn-traceid: 0.12291202.1698515427.ff87f6
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 28 Oct 2023 17:50:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C9BBC7385584E6681B56E2DE4E10D1B Ref B: MIL30EDGE1508 Ref C: 2023-10-28T17:50:26Z
x-cdn-traceid: 0.12291202.1698515426.ff8736
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4ef70c0529784b7081257d5b1b0de2c4&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 all
csm.eu.criteo.net/ Frame D192 0
127 B 38ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 28 Oct 2023 17:50:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6341 42 B
64 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugXKG8W_t4xD-E8X_3TS_565CCgC6Z7zqhfIWBMBdoyFhfOTSrnmzFj9qtPDUT3U6OTX52Ysc1AAtR6WDW8P9G6K7sKSNwS8x7C0cDgqSHP7HAwgTESQ&sig=Cg0ArKJSzFHNoB-tA0-TEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1275878075&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698515425525&rpt=453&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 6341 0
582 B 33ms
32ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.tiktokstalk.com&e=wqT_3QKDB-iDAwAAAwDWAAUBCOGT9akGEMbyuI70lJrNIhgAKjYJwKsRXOwcrD8R654l_QNFqz8ZAAAAwMzM-D8h6w0SACkRJNAxAAAAoJmZ2T8w8pCnAzi1AUC1XkjjA1C6iYq2AVitxD1gAGjcAXi09gWAAQGKAQNVU0SSAQEG8GGYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACo8Ax6gIbaHR0cHM6Ly93d3cudGlrdG9rc3RhbGsuY29tgAMAiAMBkAMAmAMJoAMBqgOSAwqsAmh0dBUx8J9iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02MTAwMjk5Yi01M2Q1LTRjZTMtYjMxYy1lZmFiNGE3NDBkYTQmYmlkSWQ9MSZiaWRkZXJJZD00JmNtRXhwSWQ9TFYxJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZynm0ANHJ0eXBlPW51cmwmdGFnATZsOTMyNTk0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ8GllcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjQ5MzQyMDQxMTI3NTg1MjEwMiIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpOekl5T1RNeE5UUXdOVFV6TlRrak56BRQYMk9UZzBNegEM8EZZPcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBEVUWIgFAZgFAKAF_uTdk4e6yLQswAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXsoFH6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe09gXSBw0VZQEmCNoHBgFesBgA4AcA6gcCCADwB9GiBIoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1844d44a959c2a224074589a10b82f83bc27b2ef&type=pv&jm=1140|1141|1003&px=0&py=0&bw=182&bh=90&sf=1&sid=2725849271923869779&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6932594&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:27 GMT
an-x-request-uuid: c771b948-e95c-4987-94f3-0f4fdf017a08
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO5-eKVlexl1gKy81z5cmMUVtwDe6ejEuqGiWfZWH5bGcxT5LFH2OumkPtVZIKs5nRCbSA2T8EoUeYcjyQna1dg-VZfN0whWYkdQ-c3fGpx0YsBJT7qeKO-PPxxpDtoZKZxrh-bojGpslKAVue_Q3bDKuRMym8Y2BiTNVmafkHe2XTohiWzsSMnM4Sk5PEpfm3iyV4nZjhIKlQkdHI3QwsQ9AVPhjSI562t00SSZoZTqjjByN3UgepJRt85aV4Dy_fyNfNOP9P-92ogl48eMceDVhPbS5X63eLUI-1Ic36GAvho7nuLA1M3hwoJZyVmcpd-ZX5TU4CqX_58CR2slxX4RSKD3VIoZyl3Uwri6_JLoevxC6oYSKwUdr9h8LjVmH_RqWxLyd6U0686n8LUwaKPS_AguqQEXzBL3zqa8F8zamQVzYaCg&sai=AMfl-YSKK-1-YQ2i21CrD8fZ2KDF9N1mCO7vRaaq91vdlFiKOqRwIyb98UfVdX7RtNKv8kxsvxxfbkmdv1HoVTfMqg6wF9Yjtsa3Hr_7iA2Ii6iwRA6__4zJFfxsmmgSPoDinGT2q3jBknD8f8RTgPEB&sig=Cg0ArKJSzAdgt2NgAa8NEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwoHp1YxEfkytv5qlUAz1sshhqC4V0Vpc3TJ5kTik_lEy8H0baTRz8n91FOO-34TEnBzknIRKO2YfvcwH8TbRqbdIWEgLgbn_XOrJ030VVxCBblQ5go0CHNlZlyIWck__O4rPnrVguTHSx-ClZWf-dSSZ-ZyxTQHQrl7QYgCHr9U7MEpxDCqZt7uoBSgOtwJdowk8aL9HQpsl12Ej5tgsUZIuX3MepOUWcj_vuXu46p3F788j009Zog9ItcJsr--q-sWgrVM6raWwqqkfNu8yxVbQcMC92FrkteLWcmHik_KjNUv2R_Ub-vaHiTjCdLpIDe5TmWE3Mc5R4JFygcDqWfrLNjwrxSCHvDMDh2c4HJEkHUKZgawmo4l-sdtg3-uE4wvtKVjCYq6g6z7T3-BL7eqYzT-sX2ZZS_J2tOnnOTAGkOMJPoQ&sai=AMfl-YQ_IbN9d7xVvN6cvMO0-80_nxx5EyJPa0Ru3cGaAimIfSp0ii0uPKv9g4J1cbQQ6Na47eu56iTpft7_DHKY24efZcaDl6uk1OHORwIPGMbZsWIAVNOuylks4wO2mxcj3SowJt1wPC2XUIhkuR4&sig=Cg0ArKJSzD5Lk-LZCJxdEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJkxAgpj9HaTWze_OezqKc_ttNoqIjI65DmuZFZ-JHw4BeUvTILJG3FeNC33QrmhKvI4polzppbf0qyIKO8eGjMj3W-EiceE4LHrLt6p171aENdxx1ZZD1MVlkzw0ZEsfgc-hiG8WwjJPlWOZInmnTZaCt-VoV91BItmvdzLU2xoxjObts-XmT400NltZlfFfOb9gNY7wN5acjLVWqrW40KexBg4jnaEgI8N7We1m7I2BjroEMdm1OcBdREPyW_c_MpLmgf_1GY6L8leRcAQmc06-hwSa7108M3QQ5oF2jmudeQDdp17wAI4y492bjVE8UzYuHImKBKfd8NRmhBiDUYfSP2QWW4scYbruonzdB53VMgmMoWBrXow6jxJs6v4WqN978kUXPzvGfKZikkC5W8l6Q230CrGDh6cs9CfEUDHzmGEsq-g&sai=AMfl-YSIJq9HpgUo6iQCJfvSaeljKJLZbu8bd0ZWFqDtX3yGTiIRRuqPLYpzoS9PWUeGxaRn15pvaN8ZXitj74_QwVzmm1mUYz09TtrChcNgKGTHAFGZxQTmAARB80oPz-IYO49iiqUyomF-AsrPnJDU&sig=Cg0ArKJSzHUK6CyZpopQEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tiktokstalk.com/	1969-12-31 23:59:59	Name: connect.sid Value: s%3AAa080oX-GPCZ2Y4HDNfCiBjZMIapys9p.tP1FKSC%2FLwN52JYUf1s8Blsoov6%2BlXc2d0FNlIxyb%2FQ
live.demand.supply/	1970-01-21 01:24:35	Name: demandSupplyTi Value: 15fb51f4-807d-4151-a910-2e91b99dd249
.demand.supply/	1970-01-20 15:48:37	Name: __cf_bm Value: cQZpNH3GPvEcQfXO0uaFceEjRQxyguS6_LqjVIsAMzY-1698515423-0-AbxsjKujHN83Mn9BSE+gGWFfDbWl/0NoMqQhnxKp4IJ9IzdATdxFXynTPvt5Q9JtPpNSdgQRzf0oGXedIi6knY4=
.tiktokstalk.com/	1970-01-21 01:24:35	Name: _ga_138DD411QN Value: GS1.1.1698515424.1.0.1698515424.0.0.0
.tiktokstalk.com/	1970-01-21 01:24:35	Name: _ga Value: GA1.1.918787943.1698515424
.tiktokstalk.com/	1970-01-20 15:48:35	Name: lotame_domain_check Value: tiktokstalk.com
.tiktokstalk.com/	1970-01-21 00:34:11	Name: connectId Value: {"ttl":86400000,"lastUsed":1698515424746,"lastSynced":1698515424746}
.criteo.com/	1970-01-21 01:10:11	Name: uid Value: 3b68768a-002f-4f06-bf1e-51b84d3474d2
.openx.net/	1970-01-21 00:34:11	Name: i Value: 7353d733-d335-4c84-9a38-f5aa92faf0f8\|1698515424
.tiktokstalk.com/	1970-01-21 01:10:11	Name: cto_bundle Value: gcJ4q19ISWluZlJVJTJCRkpVOXhLejFlWERvWFNoRjBkdmRXSUdlSnRqVjVYUSUyRiUyQk5TVEM3TlhORzQlMkZzcmNmNkVBNjdOZUElMkJXZUxsMGVSbHpuQzBWY1dNckZ0YThTazFpVWd0NWlwR2VTUnNqY0hyZUVxekYxTzRvZWFnZyUyRk8wcmxRWnhyWkZueGdMTnRSY3glMkZrWE8lMkZuSGlXVmpBJTNEJTNE
.tiktokstalk.com/	1970-01-21 01:10:11	Name: __gads Value: ID=a024ea94cb3847d9:T=1698515424:RT=1698515424:S=ALNI_MZKnrBX8lOtfq5emG3YOpiCMPpVeg
.tiktokstalk.com/	1970-01-21 01:10:11	Name: __gpi Value: UID=00000cac0df8069e:T=1698515424:RT=1698515424:S=ALNI_MbtO7CpWjRA5vWztyQcacFFa-Eb3A
.travelaudience.com/	1970-01-21 01:20:16	Name: _tracker Value: %7B%22UUID%22%3A%22F630FFD5-6872-42D7-1920-5D45B821CB1C%22%7D
.1rx.io/	1970-01-21 00:34:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-51bc9074-a33d-4df3-9dd8-4a40af01abec-003%22%7D
.bing.com/	1970-01-21 01:10:11	Name: MUID Value: 23B805D357B56A793076166B56C26BBE
.pubmatic.com/	1970-01-20 15:50:01	Name: KTPCACOOKIE Value: YES
.doubleclick.net/	1970-01-21 01:10:11	Name: IDE Value: AHWqTUmC49K2VUPgyqxgFDmP2Zb7lv8msCDMlRN18UWsHfaaBZnEx2yv7fY-98mw7Xw
.yandex.ru/	1970-01-21 01:24:35	Name: yuidss Value: 2789902461698515425
.yandex.ru/	1970-01-21 01:24:35	Name: yandexuid Value: 2789902461698515425
.pubmatic.com/	1970-01-21 00:34:11	Name: KADUSERCOOKIE Value: 510DBCAD-6F88-4CFD-AC0C-38686321F90A
.targeting.unrulymedia.com/	1970-01-21 00:34:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-51bc9074-a33d-4df3-9dd8-4a40af01abec-003%22%7D
.zemanta.com/	1970-01-21 00:34:11	Name: zuid Value: 7nsMRHJ-eEyBqEBG2piQ
ads.travelaudience.com/	1970-01-21 01:20:16	Name: _tracker Value: %7B%22UUID%22%3A%22F630FFD5-6872-42D7-1920-5D45B821CB1C%22%7D
.3lift.com/	1970-01-20 17:58:11	Name: tluid Value: 1447703988993084817331
.adfarm1.adition.com/	1970-01-20 17:58:11	Name: UserID1 Value: 7295068206429108370
.adsby.bidtheatre.com/	1970-01-20 15:58:40	Name: __kuid Value: e2ddddcc-29d7-4ec9-ba06-94fecf2f6721.467729426
.adform.net/	1970-01-20 16:33:13	Name: C Value: 1
.ctnsnet.com/	1970-01-21 00:34:11	Name: gid_CAESECfgu0hRguKsvq8VyVZ4gLs Value: 1
.ctnsnet.com/	1970-01-21 00:34:11	Name: cid_219d89f70ac74bb5a1c488745d118dd6 Value: 1
.rfihub.com/	1970-01-21 01:10:11	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129cooTjMP8wtLTq_yryqLKvVJM3Tz8AziNTSztDA1NDUxMjM2MHnFiMI3BQAk9k1BPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSMjM0t7Q0NzA2sDA2NbMwMjQzFOIz1C1KcoovLysvcDWqcAIAALDGBiQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129cooTjMP8wtLTq_yryqLKvVJM3Tz8AQALtOsfh4AAAA
.rfihub.com/	1970-01-21 01:10:11	Name: rud Value: H4sIAAAAAAAA_-MSMjM0t7Q0NzA2sDA2NbMwMjQzFOIz1C1KcoovLysvcDWqcAIAALDGBiQAAAA
.adform.net/	1970-01-20 17:14:59	Name: uid Value: 6367782529574487646
.linkedin.com/	1970-01-21 00:34:11	Name: bcookie Value: "v=2&75bc3272-5128-4b57-81d6-ef776a7db1b6"
.linkedin.com/	1970-01-20 20:07:47	Name: li_gc Value: MTswOzE2OTg1MTU0MjY7MjswMjF+XzIaOfQYsrdYABQkAJnfBaFTiqEHWcYWXAp4FrsN8g==
.linkedin.com/	1970-01-20 15:50:01	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2741:u=1:x=1:i=1698515426:t=1698601826:v=2:sig=AQExf6Xsqhwvsw3kgZfyGfXj8OPv-7u5"
sync.srv.stackadapt.com/	1970-01-21 00:34:11	Name: sa-user-id Value: s%3A0-5ae11415-5d62-5584-7cc1-f2ac1ff90d9b.nj49kSetDiItaX2JPilNGguXVbCbfgkpSJeJRhY2n3M
.srv.stackadapt.com/	1970-01-21 00:34:11	Name: sa-user-id Value: s%3A0-5ae11415-5d62-5584-7cc1-f2ac1ff90d9b.nj49kSetDiItaX2JPilNGguXVbCbfgkpSJeJRhY2n3M
sync.srv.stackadapt.com/	1970-01-21 00:34:11	Name: sa-user-id-v2 Value: s%3AWuEUFV1iVYR8wfKsH_kNm9ly2ho.u5Bck1lL65fcEB7tE0jP%2BZutDnAu6sLusxImceKEuIg
.srv.stackadapt.com/	1970-01-21 00:34:11	Name: sa-user-id-v2 Value: s%3AWuEUFV1iVYR8wfKsH_kNm9ly2ho.u5Bck1lL65fcEB7tE0jP%2BZutDnAu6sLusxImceKEuIg
.tribalfusion.com/	1970-01-20 17:58:11	Name: ANON_ID Value: a4ntuJSZdIijSTnMSXONpaoE7pZc9NY9ZbmCKIregYlveyFvAZaWsqTEMpWLfZaa7CILZbajVyZdUGQ7d5p7RKEZcrZbZdIhZcD
sync.srv.stackadapt.com/	1970-01-21 00:34:11	Name: sa-user-id-v3 Value: s%3AAQAKIDB-lqRUtpZDFtoaFyixgcQdg6gtUD97DxANpDhbnkTDEHwYBCDik_WpBjABOgSSgrqOQgTkMyqX.szsK571fFDmzjq70a7aBbXecRfIjJbFmKFxmBox935A
.srv.stackadapt.com/	1970-01-21 00:34:11	Name: sa-user-id-v3 Value: s%3AAQAKIDB-lqRUtpZDFtoaFyixgcQdg6gtUD97DxANpDhbnkTDEHwYBCDik_WpBjABOgSSgrqOQgTkMyqX.szsK571fFDmzjq70a7aBbXecRfIjJbFmKFxmBox935A
fksnk.com/	1970-01-20 15:58:40	Name: AWSALBCORS Value: gSAj45mHrsObawJ8iR19ftZ2Hx7rgOdNHTs2TV+psGq9BXJTTJl2SjrntUCcPPTW1KLCKURRcKhdUFmeuNgTLFc2F6MtzfXX8jbIFzSsBVLEGpPVkCiLdeBuUXrP
.fksnk.com/	1970-01-20 17:58:11	Name: f_001 Value: 48D0A11646CC17E5
.fksnk.com/	1970-01-20 15:50:01	Name: g_001 Value: 1
.c.appier.net/	1970-01-21 00:34:11	Name: _auid Value: Nk9pqQXvCDi1TV9s40k9ZQ
.c.appier.net/	1970-01-20 16:31:47	Name: _gu Value: CAESENNPVt8Jp-Y0JIe0UuRc1GI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.rfihub.com
a.tribalfusion.com
ads.eu.criteo.com
ads.travelaudience.com
adsdk.microsoft.com
ajax.googleapis.com
ams3-ib.adnxs.com
an.yandex.ru
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
csm.eu.criteo.net
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
ed663bf0ca0b5fe9f7d63cf7f6a996e6.safeframe.googlesyndication.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
live.demand.supply
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.tribalfusion.com
securepubads.g.doubleclick.net
static.criteo.net
sync.1rx.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.bing.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tiktokstalk.com
x.bidswitch.net
securepubads.g.doubleclick.net
www.googletagservices.com
104.18.35.167
134.122.57.34
142.250.186.162
162.19.138.118
172.104.121.22
174.137.133.49
178.250.1.6
178.250.1.9
185.64.190.78
185.89.211.116
193.0.160.130
2001:4860:4802:32::36
211.120.53.203
23.35.236.188
2600:9000:211e:5c00:1b:5138:8a40:93a1
2600:9000:223c:8c00:10:dd8:5e40:93a1
2600:9000:2250:ce00:a:e047:753:6381
2606:4700:10::6816:3456
2606:4700:3037::ac43:ad9a
2606:4700::6810:5914
2606:4700::6810:8516
2606:4700::6812:19ad
2620:1ec:21::14
2620:1ec:bdf::45
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:26f0:f700:9::58dd:5c12
2a02:6b8::90
3.121.157.25
3.210.56.15
3.75.62.37
34.102.146.192
34.120.135.53
34.96.70.87
35.186.193.173
35.190.0.66
35.244.159.8
35.71.131.137
37.157.5.132
46.228.174.117
54.165.78.186
54.75.204.82
63.32.198.140
64.202.112.31
65.9.66.104
76.223.111.18
85.114.159.118
007e8b6b42bef63c417a0d4825e6a70a5d5a2e47966fafb2783995c81f42f79a
01f19f2599699fcc6443decf2d5af0ecda41510ea275a56c310d918a49077ba0
0645cc7d00365d82fca97bd894afa236f1a39e4520935bf2b3705f08d07fafb2
0786bfe9bfb98e718267cee2454ff0680ee52cd746e0265e997eee961362537a
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0f17202f689f99bc76c3021a6493915dbb76672987a947cbc08d9a74f7809662
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
159f575dd9af8e522fc3a409dadda9bcbb1c1ad21f370186133ef46fe3a4c217
17d96fe87dda65359907971d63c2303caa22c85ee574260c2c07f03537b3293a
1e027ae8d3bda41933fb2571c951d59b59c889b316ca495833acbc8915135f9a
214c702498c8800f052c7e7e5bab05e860e1e20c81c71b74ad15084dee9017b7
254ed2440d3fe989e8e3e2f2a892760cd72ec637fffa6a2955e2c95895c0feef
27f99d39db30437124397a74027e903b620e5aad550b6e45633646f5608d164c
283c2c9f8d3d4427441e7ced76fd05e66367cb0fac07823f9c91da71ba98df79
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e7595acf05a5077389017b0bc43ab2ac934f6df1ba35bd530aaf07aec86872b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32414d567ed369b703973cf08eeaed4ca0d15b0fb89fc467e6348ca95ecd659c
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c403d2eb0951999e5a3b90338a97c71eee19956ea41892c167dd354247fd84
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60240e59da7c6f28c3aac80db5615d8050ba04de2e573ae19259c0ff0a0ddfbb
6196858bca441c793bc70827260ff5cd02ab1d9fa97dfca4d9679b1de96376cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b90f4e159f4f3d42aad2909457d9682607b57c246cbfaf45bffdeed0aa72fae
6bd72a9009e981b663873c89613c0854fc29c208b509ebe3209e2fcf9589de24
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e670c0b31e7629c9f894a9a6e8b5e598916375bc75d8de379895c59fb5d2c2
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
769fc859729b2fe931a61fd68dac77dd02f7fcec1e00937b74f82a57245c7231
7c922c7be49745ab337127b5355fe9805e0cc9bc2e0cde6436e2eeb3941f6eec
7de09b15b366d4d073ab57fdbad52f97b396a8f85b3ff5e2aaadeebd4ed99881
80400bac369ea4484573731db58d2181679dda28b7cbcef7ee604353ad9a1335
829c9a9ce0063073939fee8d32e7524cd99fc92272fc932129e3541f152323de
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
8ae3bc20a43b20aed3d3202c84576cde8576f1288a10c73c441a24416476582d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d79f7d0dcf0433c3a56abfa1154fbdfdfa6fa72ccc25fdda8b7a3036aee8330
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f7f35c0a4c174baddea403f8f1d03b0c881a3e89ac7ce33da009f613f58fcf8
96fa3111a0a009e2b7ef6a3a1d1abc4e25e128082758ae8e74194a2b5957a32c
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fed20c2d3bdb68a022d606f9d2a75ab380c5ee1ffca22a23075a791885833a8
a03c4578f73d61ff2655eeb096a800f0bbd1da1a3477f7db4185fe2210740866
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a281b149ed96781d3826e941783e4187fd2ee230476379972072b3eb514843bc
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a64efe899a2ac5dd2d82a7d9a23b32ce3de9ec72206e14e62bf792d4207ec38d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ac2e27e302580c00456f97202355258a9b76d107d4c0f34f6ce5a63ba291a915
afa08d084ad6b30e5f1a636f36637eebcbc8a9b29e82e5888ed115c2d2a9a874
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b330d6d96ff049bb29d7fe7a8f9296378c8ebe4ab30ebff901986bff072064fa
b8f594e8779ca5205ba5552f5c5eef35811f96481fea3b4cf7e008c9fdda266d
ba51c1b5f7bf6a340bfb6eacb27e3d91ccd7f55765721aed346e5e4c9deee26c
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be4fb8b1b42b58251efb9402604dadb8451ff86115db4ae6c1889b52d160a581
c45c671190fb8deb70cd574cb0e63b52c671855bb4cb7de28b273c37538c9221
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c88af004e8da4a5f648cbfb7edf5b6b0462f3357e416151409329dc5c9aa6c5d
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf51d49abd8494fd51a9f74b6210533d6b78f8566c82e20e326c454bd42de947
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4321f1f30031669595106fb04becc2af533906b25379795c5f4bc54d7608c80
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea640670dd32d8ee4cdfcb5d8157417f87fc1ec24171f663606e17df528b1c1b
ed69671783a9c5d9d65c23385f3df20ad40c36c987621829f2df770f91c7778c
ee92eb293b75183adfc82e5e3453ecd669eddfd7386e032f02719470a081dadb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17b08e3daaaa3f14f958459ee346e103e17d3fb136be04281fd4d5d71addb2d
f48cd775e93d118d43b8199505f1f530e18bf89b510862c63e3215174f87f87a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75fccc8b3b87163bdfe20f3c749091f09714d35a0018d1a2b40715a178c3fb3
f844a694de00e43f374e97c780f362c274bd6084665c9d7a523250054b890300
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e

www.tiktokstalk.com Open in urlscan Pro 2606:4700:3037::ac43:ad9a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

84 %HTTPS

48 %IPv6

48 Domains

66 Subdomains

47 IPs

11 Countries

1694 kBTransfer

4333 kBSize

49 Cookies

1 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.tiktokstalk.com Open in urlscan Pro
2606:4700:3037::ac43:ad9a Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

84 %
HTTPS

48 %
IPv6

48
Domains

66
Subdomains

47
IPs

11
Countries

1694 kB
Transfer

4333 kB
Size

49
Cookies

200 HTTP transactions
5 data transactions